V 0.1Slide 1 Security – System Configuration How to configure WebSAMS? Access Control Other Information Configuration system customization system configuration

V 0.1 Slide 1Slide 1Security – System Configuration

How to configure WebSAMS?

Access Control

Other Information

Configuration system customization

system configuration

Customization

ip configuration

E-Mail

Authorizeduser


System Configuration :

Allow user to maintain the following settings:

General Settings

System Accessibility Settings

Email settings

File size control of system log & audit trail

All the system configuration will take effect only after the user

re-logins the system



Maximum number of fault login attempts allowed /

Auto-unlock period of locked accounts :

The number of times that a user can try to login with a wrong

password before the account is locked

Locked account will be unlocked after the elapse of the auto-

unlock period, counting from the time the account is locked.

For no auto-unlock, the locked account can only be unlocked

manually in the “Unlock Account” function.



Automatic logout period (inside / outside SAMS LAN

segment) :

The system will automatically logout an account after it is left

idle for a period longer than the automatic logout period defined.

Automatic logout period inside and outside the SAMS LAN

segment can be defined separately.



Password expiry period:

For security reason, users should modify their passwords

periodically.

User will be reminded to change his/her account password if it

is due to be expired within 14 days. The remaining number of

days before password expiry will be displayed to the user after

each successful login. When the user changes the password, the new password

expiry date will be the system date plus the password expiry

period.


Password expiry period (cont’d):

If the user does not change the password and the password

expires, the user will not be able to login the system again.

The password expiry period also affects the password expiry

date when a new user account is created.

For the 2 built-in accounts, ‘sysadmin’ and ‘asysadmin’, the

password is set to ‘Never Expire’.



Number of passwords stored in password History:

The system will store a certain number of previously used

passwords. The number of passwords stored is defined here,

from 1 to 5.

When changing new password, the system will ensure that the

new password entered does not duplicate with the stored

passwords.



Enable Multiple Login:

A user can login the system in several browsers from the

same/different workstations at the same time if the box is

checked. It is recommended to disable Multiple Login for security

reason.

User can login the system from internet if the box is checked.

Enable Internet Access:

Enable ITED Access: User can login the system from school ITED LAN Segment if the

box is checked.



Data Backup log file path:

The server directory where the database backup log files will be

stored. The administrator has to set this value before he/she can

view the database backup log files with the ‘View Backup Log’

function.

The server directory where the backup tool stores the file

server backup log files. It is used by the ‘View Backup Log’

function

Server Backup log file path:

Archive file path:

The server directory where the audit trail archive files will be

stored.



System access time inside/outside SAMS LAN

Segment User can login the system in the period defined here.

Access time in Monday-Saturday and Sunday can be set

separately. Access period of 24 hours a day can be set by selecting the “24

Hours” option.

The access time inside or outside SAMS LAN Segment can be

set separately

Note 1: The access time setting is not applicable to the ‘sysadmin’

account Note 2: Take note of any conflict with the system batch jobs such as

database/server backup when granting access period of 24 hours a

day



Release of Access Time Control to 24 hours

Account of staff/student/parent user type can be selected to

enjoy access time of 24 hours a day within a particular period of

time for operational purpose.

Within the period defined, the selected users can access the

system at any time.



Enable E-Mail Function:

The option has to be enabled before emails can be sent out

from WebSAMS.



School's E-Mail Address for Return of E-Mail by

Recipients:

If E-Cert for digital signature is not used, this email address will

be displayed as the sender’s email address for all mails sent out

from WebSAMS.

If E-Cert is used for digital signature, the email address in the

E-Cert will be used instead.



SMTP Server of ISP subscribed by School:

The SMTP server of the ISP is used to send outgoing emails via

internet.

E-Mail Account provided by ISP subscribed:

This is the E-Mail account provided to the school by the ISP for

using its SMTP server.

Password of the E-Mail Account provided by ISP:

The password of the E-Mail account should be entered

correctly.



E-Mail Recipient Limit for each mail:

If the number of recipients of an email is larger than this limit,

the email will be sent out by batch. The number of recipients in

each batch will be less than or equal to this limit.

Size Limit for each E-Mail (MB):

The maximum size of each outgoing email in megabytes.



Size Limit for Storing Each User's Sent Mails (MB) :

The size limit of each user’s mail history in megabytes.

Maximum number of Retry for Sending Mail:

The maximum number of attempts for sending each email.

If mail sending is still not successful after this number of

attempts, mail sending will be aborted and the mail will be

marked as ‘Sending Failed’.



Location Path and Password of (Organizational) e-

Cert for Digital Signature:

The school may use e-Cert to digitally sign all outgoing emails

for authentication purpose. Then the two settings of location

path and password of the e-Cert information should be entered.

If the school does not use e-Cert for signing emails, two fields

can be left blank.



Size Limit of Audit Trail storing in DB(MB):

The maximum database space used for storing Audit Trail in

Megabytes.

Zero for no limit.

When the assigned database space is full, user may archive the

audit trail records as Archived Audit Trail. After the archive, the

audit trail records which have been archived will be deleted from

the database.



Size Limit of Archived Audit Trail storing in server

(MB): The maximum hard disk space used for storing Archived Audit

Trail files in Megabytes.

Zero for no limit.

When the assigned hard disk space has been reached, user

may delete the files or move the files to other folders manually.



Size Limit of DB backup /recovery log storing in

server (MB):

The maximum hard disk space used for database

backup/recovery log files in Megabytes.

Zero for no limit.


Click

ESC

To Return

Size Limit for Server backup/ recovery log storing in

server (MB):

The maximum hard disk space used for server backup/recovery

log files in Megabytes.

Zero for no limit.

Documents

V 0.1Slide 1 Security – System Configuration How to configure WebSAMS? Access Control Other Information Configuration system customization system configuration