Creating security policy settings for Verse users

To create or enforce security settings for HCL Verse® users, you must create a security policy settings document.

About this task

Although there are other security policy settings that can be created for Verse® users, the settings here are applicable to Verse security, and the explanations in the following table describe how these settings affect Verse users.

Procedure

  1. Make sure that you have Editor access to the Domino® Directory and one of these roles:
    • PolicyCreator role to create a settings document
    • PolicyModifier role to modify a settings document
  2. From the Domino® Administrator, select the People & Groups tab, and then open the Settings view.
  3. Click Add Settings, and then choose Security.
  4. On the tabs listed in the following tables, complete these fields:
    Table 1. Password Management Basics tab
    Setting Description

    Allow users to change Internet password over HTTP

    This setting determines whether the Verse user preference Change Internet Password displays:

    • Yes (default) - allows users to use a Web browser to change their Internet passwords. Verse users use the Change Internet Password preference to do so.
    • No - the user preference Change Internet Password will not display.

    Update Internet Password When Notes Client Password Changes

    For Verse users, this setting determines whether there will be one user preference Change Password, instead of two preferences, Change Notes ID password and Change Internet Password. If there is only one preference, the Notes® ID password in the mail file is updated when the Internet password is changed.

    Choose one:

    • No (default) -- User preferences include both Change Notes ID password and Change Internet Password user preferences, and the user must change both.
    • Yes -- Synchronizes the user Internet password with the Verse client password. User preferences include only the Change Password preference, which is used to change both passwords.

    Enforce password expiration

    If you enable password expiration for any of the options, the security settings document defaults change. Choose one:

    • Disabled (default) - disables password expiration. If you disable password expiration, do not complete the remaining fields in this section.
    • HCL Notes® only - enables password expiration for Notes® passwords only. For Verse users, this enables expiration for the Notes® ID stored in the user's mail file.
    • Internet only - enables password expiration for Internet passwords only.
    • Notes® and Internet -- enables password expiration for both Notes® and Internet passwords. For Verse users, it enables expiration for both the Notes® ID stored in the user's mail file and for the Internet password.
    Note: Internet password expiration settings are recognized only by the HTTP protocol. This means that Internet passwords can be used indefinitely with other Internet protocols, such as LDAP or POP3.
    Note: Do not enable password expiration if users use Smartcards to log in to Domino® servers.

    Required password quality

    If you require users to create passwords based on password quality, specify that quality by choosing a value from the drop-down list. To use length instead of password quality, continue to the next field.

    For Verse users, password quality settings are enforced when the Notes® ID is stored in the user's mail file and the password is changed via Verse user preferences.

    Use length instead

    If you require users to create passwords based on length, click Yes. When you do, the Required Password Quality field changes to Required password length. Specify the minimum password length here.

    For Verse users, password quality settings are enforced when the Notes® ID is stored in the user's mail file and the password is changed via Verse user preferences.

    Warning Period

    Specify the number of days prior to password expiration to indicate when the user will receive an expiration warning message.
    Table 2. Custom Password Policy tab
    Setting Description

    Change Password on First Notes® Client Use

    Require users to change their passwords the first time they log in using Notes®. For Verse, users must change the embedded Notes® ID password before using it the first time.

    Note: This works only if the policy is applied during user registration.
    Table 3. Keys and Certificates tab
    Setting Description

    Warning period

    Specify the number of days prior to certificate expiration at which the user Warning period receives an expiration warning message.