Polycom 1500 Server User Manual


  Open as PDF
of 1124
 
Chapter 15-Users, Connections, and Notes
Polycom, Inc. 15-7
2 The Collaboration Server searches its records to find the FQDN that is associated with the
application-user’s name.
3 If the FQDN in the received certificate matches that associated with application-user, and
the password is correct, the connection proceeds.
Guidelines
Application-users are only supported when TLS security is enabled and Request peer
certificate is selected. TLS security cannot be disabled until all application-user accounts
have been deleted from the system.
•For Secure Communications, an administrator must set up on the Collaboration Server
system a machine account for the CMA/DMA/XMA system with which it interacts. This
machine account must include a fully-qualified domain name (FQDN) for the CMA/
DMA/XMA system.
Application-user names are the same as regular user names.
Example: the CMA application could have an application-user name of CMA1.
•The FQDN can be used to associate all user types: Administrator, Operator with the
FQDN of a server.
•Multiple application-users can be configured the same FQDN name if multiple
applications are hosted on the same server
If the system is downgraded the application-user’s FQDN information is not deleted
from the Collaboration Server’s user records.
•A System Flag, PASS_EXP_DAYS_MACHINE, enables the administrator to change the
password expiration period of application-user’s independently of regular users. The
default flag value is 365 days.
The server hosting an application-user whose password is about to expire will receive a
login response stating the number of days until the application-user’s password expires.
This is determined by the value of the
PASSWORD_EXPIRATION_WARNING_DAYS System Flag. The earliest warning
can be displayed 14 days before the password is due to expire and the latest warning
can be displayed 7 days before passwords are due to expire. An Active Alarm is created
stating the number of days before the password is due to expire.
•The MIN_PWD_CHANGE_FREQUENCY_IN_DAYS System Flag does not effect
application-user accounts. Applications typically manage their own password change
frequency.
If an application-user identifies itself with an incorrect FQDN, its account will not be
locked, however the event is written to the Audi
tor Event File.
If an application-user identifies itself with a correct FQDN
and an incorrect password, its
account will be locked and the event written to the Auditor Event File.
•An application-user cannot be the last administrator in the system. The last administrator
must be regular user.
User names are not case sensitive.
Monitoring
•An application-user and its connection is represented by a specific icon.