Functionally Partitioned System Administration (FPSA) is a standard software feature that requires you to enter your user identifier (user ID) and password for verification before you can reach any of the system maintenance console menus. Access to the menus is based on the authorization level of your user ID and password.
FPSA allows access to menus only to persons who are authorized through permission categories. In addition, FPSA requires passwords for all users logging in.
Six permission categories are available. The first is applicable only to the system superuser. The remaining five can be applied to FPSA users to establish their privileges. The categories are described in the following table.
|
Category # |
Category Name |
Description |
|
1 |
System Superuser |
Unlimited access to all Text and Web Console features and server resources. Can perform FPSA management activities such as adding users, unlocking users, changing permission categories, resetting passwords and starting audit trails. Two superusers ("admin" and "root") are created when the system is originally installed. You can reset their password, but you cannot change or delete them. If you forget the superuser password, you can contact Mitel assistance for assistance or reset it yourself using a Unix Shell command. |
|
2 |
NuPoint Voice Superuser |
Access to all Text and Web Console features and server resources with the exception of FPSA management. |
|
3 |
System Configuration |
Access only to system configuration and network features in the Text and Web Console. For example, see Features Class of Service. |
|
4 |
Mailbox Maintenance |
Access only to mailbox maintenance features in the Text and Web Console. |
|
5 |
Inquiry/Report Only |
Access only to inquiry features such as Reports, Statistics, and Dump in the Text and Web Console. |
|
6 |
Network Configuration |
Access only to network and network-related features in the Text and Web Console. |
After logging in as an FPSA user, you can perform menu-based procedures described in this section ONLY if you have the appropriate permission category or categories.
FPSA limits access to menus based on a permission category or categories assigned to each user ID. If you attempt to reach an unauthorized menu, the server responds with a “Permission denied” message. Each server menu also has one or more permission categories associated with it.
When you assign permission categories to each user, make sure that the combination is sensible. For example, category 1 gives access to the entire server, so there is no need to assign any other permission categories in addition. Categories 3 and 6 together give permission for all system configuration menus.
FPSA is activated by default on the NuPoint UM system. Prior to using it, the administrator needs to configure the FPSA parameters and add up to 500 new users in the Text or Web Console. When these steps are complete, the users can reach console menus only if they have the proper permission category (or categories). Every console menu is associated with one or more permission categories.
The following restrictions apply to FPSA passwords:
Passwords must contain at least one letter, one digit, and one punctuation mark. For example, o;ster1.
Users must change their passwords periodically (default is 30 days). The new password must be different from the old one. The server issues a reminder notice at login warning that the password must be changed; the default reminder period is seven days. If the password is not changed before the expiration date, the server forces the user to change passwords after logging in. The system superuser can set the period between password changes and the period for displaying warnings.
The above-noted restrictions do not apply to the system superuser ("admin" and "root").
If a user enters an invalid or incorrect ID or password, the server displays “login incorrect” and the login sequence halts. If a user attempts to reach a menu outside the user's permission category or categories, the server displays "permission denied" and prohibits access.
After three unsuccessful login attempts, the user will be locked out and must contact the system superuser to have his or her password reset. If you are the system superuser and forget your password or become locked out, contact Technical Support for assistance or reset the password using a Unix Shell command.
An FPSA user can only have one login session. If a user opens a second session on the same or another PC, the first session will be terminated.
A client can support only one login session. If an FPSA user opens a second session, the first session will be terminated.
FPSA users are automatically logged out after five minutes of inactivity.
Up to five users of any type (FPSA, "admin," or "root") can be logged in to Web Console simultaneously. If a sixth user attempts to log in, access will be denied.
Configuration involves the following steps:
Configure password parameters
Add FPSA users to the Web or Text Console
Set up an audit trail if desired
Note: FPSA user information is not included in a NuPoint backup. If it is necessary to perform a restore procedure, FPSA user information will not be included.
The following table provides examples of how NuPoint features can be accessed with FPSA permission categories.
|
Feature |
Permission Category |
|||||
|
1 |
2 |
3 |
4 |
5 |
6 |
|
|
Change Password and Security Settings |
* |
|
|
|
|
|
|
Configure NP-UM Wake Up |
* |
* |
|
|
|
|
|
Configure Remote Modem Connection |
* |
* |
|
|
|
|
|
Resynchronize HIS PMS |
* |
* |
|
|
|
|
|
Manually Purge Messages |
* |
* |
|
|
|
|
|
Perform System Shutdown |
* |
* |
|
|
|
|
|
Set Site Name, Site Code, or Site Banner |
* |
* |
|
|
|
|
|
Perform Backup/Restore |
* |
* |
|
|
|
|
|
Manage Class of Service |
* |
* |
* |
|
|
|
|
Edit/Activate Offline Configuration |
* |
* |
* |
|
|
|
|
Configure Speech Auto Attendant |
* |
* |
* |
|
|
|
|
Configure Unified Messaging |
* |
* |
* |
|
|
|
|
Configure Call Director |
* |
* |
* |
|
|
|
|
Enable Alarm Management |
* |
* |
* |
|
|
|