Configuring Security for Unified Messaging Users
Applies to: Exchange Server 2007 SP3, Exchange Server 2007 SP2, Exchange Server 2007 SP1, Exchange Server 2007
Topic Last Modified: 2007-04-04
In Microsoft Exchange Server 2007 Unified Messaging, PIN policies are defined and configured on a UM mailbox policy. Multiple UM mailbox policies can be created, depending on your requirements. When you enable a user for Unified Messaging, you associate or link the user to an existing UM mailbox policy. The UM PIN policies that are configured on the UM mailbox policy should be based on the security requirements of your organization.
A PIN is a numeric string that is used in certain systems, including unified messaging systems, so that a user can be authenticated and gain access. A PIN is a pass code that a user enters on the telephone to access their Exchange mailbox. The strength of the PIN depends on its length, how well it is protected, and how difficult it is to guess.
When you configure PIN settings for a UM-enabled user, you will configure and manage PIN settings on the UM-enabled user's Exchange 2007 mailbox and on the UM mailbox policy that is associated with the UM-enabled user.
When a subscriber or a UM-enabled user uses a telephone to connect to a computer that has the Exchange 2007 Unified Messaging server role installed, they use Outlook Voice Access to move through the Unified Messaging menu system. However, before the user can access the Unified Messaging system, the system prompts them to input their PIN. As the administrator, you can configure PIN settings and requirements and perform PIN management tasks.
For more information about how to configure and manage PIN settings for UM-enabled users, see the following topics:
- Configuring PIN Security for UM-Enabled Users
- How to Reset a User's Unified Messaging PIN
- How to Set PIN Policies for Unified Messaging Users
- How to Retrieve PIN Information for a UM-enabled User
UM mailbox policies can be configured to increase the level of security for UM-enabled users by requiring users to comply with the predefined PIN policies for your organization.
When you modify a UM mailbox policy, you can change such settings as PIN policies, message text settings, and dialing restrictions for a single UM-enabled recipient or for multiple UM-enabled recipients. UM mailbox policies can be configured to increase the level of security for UM-enabled users.
You can increase the level of security for your network by correctly implementing and configuring the following PIN settings on a UM mailbox policy:
The minimum number of digits that are required for a PIN
The time, in days, that a PIN is accepted by the system
The number of times attempts to log on can fail before the user's PIN will be reset
The maximum number of logon attempts before the user is locked out of their mailbox.
Whether to allow users to use common patterns in their PIN
The number of past PIN entries that the system should remember
For more information about how to configure these and other PIN settings on a UM mailbox policy, see the following topics:
- How to Configure the Number of Logon Failures Before a Mailbox is Locked Out
- How to Configure the Minimum PIN Length
- How to Configure the PIN Lifetime
- How to Change the Number of Previous PINs to Disallow
- How to Configure the Number of Logon Failures Before a PIN is Reset
- How to Enable or Disable Common PIN Patterns
- How to Include Additional Text with the E-Mail Message Sent When a PIN Is Reset
For more information about how to manage security by using UM mailbox policies, see Managing Unified Messaging Mailbox Policies.
For more information about Unified Messaging users, see Understanding Unified Messaging Users.
For more information about Unified Messaging mailbox policies, see Understanding Unified Messaging Mailbox Policies.
For more information about security and protection features in Exchange 2007, see Security and Protection.