Default device preferences and security settings
IBM Traveler provides a built-in set of default device preferences and security settings that an administrator can modify for use when a device initially registers with IBM Traveler. Users can then modify their device preferences from their IBM Traveler device clients.
The IBM Traveler administration database contains a default device settings document that initializes with the IBM Traveler built-in defaults for device preferences and device security settings. Device preferences control how and what data is synced with devices, and security settings define the security policy for devices.
IBM Traveler releases before 8.5.1 require an administrator to use IBM® Domino® policies to modify the IBM Traveler default preferences and to define security settings. IBM Traveler 8.5.1 or later administrators should modify the default device settings document to change the default settings and use Domino® policies only when there is a need to override these defaults for particular users or groups. If settings and security policies are defined for a user in both a Domino® policy and in the IBM Traveler default settings document, the Domino® policy settings are used.
Domino® policies provide additional flexibility and functionality but are more difficult to use than the default device settings document in some environments. The advantagee of using Domino® policies is the ability to assign different device preferences and security settings by user, group, or organization. The default settings document does include a mechanism to include or exclude users, groups, and organizations, but it is much more limited than Domino® policies. Users to which the default settings document does not apply receive the IBM Traveler built-in defaults if they do not have a Domino® policy. These hard-coded defaults are the same as the default settings document. With Domino® policies, you can define different settings for every user. The limited include/exclude support of the default settings document allows you to have two sets of defaults: those defined in the default settings document, and the built-in IBM Traveler defaults.
Domino® policies are more difficult to manage in the following environments:
- Multiple Domino® domain environments – When a Domino® policy applies to users in different Domino® domains, you must create and maintain the policy in each Domino® domain. The IBM Traveler default settings document only needs to be defined on the IBM Traveler server. It does not need to be replicated to the various user mail files. As a result the single default settings document can apply to all IBM Traveler users syncing through that IBM Traveler server regardless of the Domino® domain of the user.
- Mixed Domino® server levels – The Domino® administration server on which a Domino® policy for IBM Traveler users is created must be at least a Domino® 8.0.1 server. Use the server level of the Domino® IBM Traveler server or higher. A Domino® 8.0.1 or later server with the directory template level of the IBM Traveler server or higher could be used instead. Domino® policies must get replicated from the administration server to the mail servers of the users to which the policies apply. The adminp task then pushes the policy settings to the mail files of the users. Domino® 8.0.1 is the first server level with adminp task support for IBM Traveler policy settings. IBM Traveler can support policies on Domino® servers before 8.0.1 but their directory template should be upgraded to use the Domino® 8.0.1 directory template level or later. Using the IBM Traveler default settings support allows you to avoid the preceding server level and directory template level requirements if your Domino® environment contains prior server levels that you do not want to upgrade.
Modifying default device preferences and security settings
Use these steps to modify the default device preferences, which control how and what data is synced with devices. You can also use the steps to modify default "Security" settings, which define the security policy for devices.
- Open the IBM Traveler administration application. Refer to Using the administration application for more information.
- Open the Device Settings view.
- Click Edit Settings.
- Click the Preferences tab.
- Click one or more sub-tabs, and modify the wanted settings. For information about the settings, see Default device preference and security setting values.
- Click the Assignment tab.
- Modify the include/exclude user lists only if you want to limit the users to which the default
settings apply. Leave these lists blank so that the defaults apply to all users.
The primary purpose of the include/exclude list is to allow administrators to exclude a limited number of users from the device settings. Any users excluded use the device settings built into the IBM Traveler server itself. These built-in settings are the same as the initial default device settings, which are all set to off. Adding any entries (names, groups, or organizations) to the exclude list excludes those users from the default device settings. Adding any entries to the include list means that the default device settings apply only to the users in the list, and all others are excluded. The exclude list takes precedence if any users are in both lists.
- Select Save and Close.