System administrator access, Overview, About administrator access – TANDBERG D14049.04 User Manual

23

D14049.04
JULY 2008

Grey Headline (continued)

About Administrator Access

While it is possible to administer the
TANDBERG VCS via a PC connected directly
to the unit via a serial cable, you may wish to
access the system remotely over IP.
You can do this using either or both:

the

•

web interface

via HTTPS

a

•

command line interface

(CLI) via SSH or

Telnet.

By default, access via HTTPS and SSH is
enabled; access via Telnet is disabled. These
can be enabled and disabled according to your
requirements.
You can also enable access via HTTP.
However, this mode works by redirecting HTTP
calls to the HTTPS port, so HTTPS must be
enabled for access via HTTP.

!

Tandberg Management Suite (TMS)
accesses the VCS via the web server.
If HTTPS mode is turned off, TMS will

not be able to access it.

Overview

Security Considerations

To securely manage the VCS you should
disable Telnet, using the encrypted HTTPS and
SSH protocols instead. For further security,
disable HTTPS and SSH as well and use the
serial port to manage the system.

!

Because access to the serial port
allows the password to be reset, it is
recommended that you install the VCS

in a physically secure environment.

Configuring Administrator Access

To configure the ways in which your system is
accessed:

System Configuration > System

•

.

You will be taken to the

System

Administration

page.

In the

Admin Access

section, select

Off

or

On

from the drop-down boxes for each service.

xConfiguration Administratio

•

n

Administration Accounts

The VCS has a default administrator account with full read/write access. This account is used
to log into the VCS via the web UI or the CLI. You can add additional administrator accounts with
either read/write access or read-only access; these can be used to log in via the web UI only. See
the

Administration Accounts

section for information on how to create these additional accounts.

Default Administrator Account

The default administrator account has a username of

admin

(all lower case) and a default password

of

TANDBERG

(all upper case). You cannot delete the default administrator account or change

the

admin

username, but you should change the password as soon as possible. Choose a strong

password, particularly if administration over IP is enabled.

Administrator Session Timeout

By default, Administrator sessions do not time
out – they remain active until you logout.
You can set the system to timeout an
Administrator session after a set number of
minutes of inactivity. The timeout period will
apply to all Administrator sessions using both
the Web Interface and the Command Line
Interface.
To set the timeout period:

System Configuration > System

•

.

You will be taken to the

System

Administration

page.

In the

Admin Access

section, in the

Session

time out (minutes)

box, enter the number

of minutes of inactivity after which an
administrator session should time out.

xConfiguration Administration

TimeOut

Values must be between

0

and

10,000

. A

value of

0

means that Administrator sessions

will never time out.

Root Account

The VCS provides a root account which
will have the same password as the

admin

account. The root account should not be used
in normal operation, and in particular system
configuration should not be conducted using
this account. Use the

admin

account instead.

You must restart the system for any
changes to the Administrator settings
to take effect.

!

It is possible to have more than one
Administrator session running at the
same time. These sessions could be

via the web interface, command line interface,
or a mixture of both. This may cause issues if
each Administrator session is attempting to
make the same configuration changes.

Changing the Default Administrator
Password

To change the administrator password:

Maintenance > Administration Accounts.

•

You will be taken to the

Administration

Accounts

page.

Click on

View/Edit

for the

admin

name.

You will be taken to the

Edit Administration

Account

page.

In the

Password

and

Confirm Password

fields,

enter the new password, and click

Save

.

To set an empty password via the web UI,
delete the characters from the

Password

and

Confirm Password

fields and click

Save

.

xConfiguration SystemUnit Passwor

•

d

To set an empty password via the CLI, type:

xConfiguration SystemUnit Password: ""

Resetting the Default Administrator
Password

If you forget your password, it is possible to set
a new password using the following procedure:

Connect a PC to the VCS using the serial

1.

cable as per the instructions in steps 1 and
2 of

Initial Configuration via Serial Cable

.

Reboot the VCS.

2.

Login from the PC with the username

3.

pwrec

.

No password is required.
You will be prompted for a new password.

4.

The

pwrec

account is only active for one

minute following a restart. Beyond that
time you will have to restart the system

again to change the password.

TANDBERG

VIDEO COMMUNICATIONS SERVER

ADMINISTRATOR GUIDE

Introduction

Getting Started

Overview and

Status

System

Configuration

VCS

Configuration

Zones and

Neighbors

Call

Processing

Bandwidth

Control

Firewall

Traversal

Appendices

Applications

Maintenance

System Administrator Access