Materials Control. Password & User Account Management. Product Version Joerg Trommeschlaeger

Similar documents
Materials Control. Installation MC POSWebService. Product Version Joerg Trommeschlaeger. Date: Version No. of Document: 1.

Recipe Calculation Survey. Materials Control. Copyright by: MICROS-FIDELIO GmbH Europadamm 2-6 D Neuss Date: August 21 st 2007.

Materials Control. eforms for Articles. Product Version e-forms for Articles Joerg Trommeschlaeger.

Materials Control Recipe Reduction based on Article Defaults

Materials Control. Account Classes. Product Version Account Classes. Document Title: Joerg Trommeschlaeger

Materials Control. Future Price Quotes. Copyright by: MICROS-FIDELIO GmbH Europadamm 2-6 D Neuss Date: November 2010.

Oracle Hospitality OPERA Exchange Interface Cloud Authentication. October 2017

Materials Control. Purchase Orders Internal Attachments. Product Version: Attachments Joerg Trommeschlaeger.

Materials Control. Application Translation. Product Version Translation Joerg Trommeschlaeger. Document Title:

Oracle Enterprise Manager Ops Center

Oracle Hospitality Query and Analysis Languages and Translation Configuration Guide. March 2016

Oracle Hospitality Suite8 Export to Outlook User Manual Release 8.9. July 2015

Oracle Communications Configuration Management

User Manual. Materials Control. Production Tool. Copyright by: MICROS-FIDELIO GmbH Europadamm 2-6 D Neuss Date: March 2012.

Defining Constants and Variables for Oracle Java CAPS Environments

Oracle Hospitality RES 3700 Server Setup Guide Release 5.5 E May 2016

Oracle Retail MICROS Stores2 Functional Document Sales - Receipt List Screen Release September 2015

Report Management and Editor!

Oracle Hospitality MICROS Commerce Platform Release Notes Release Part Number: E December 2015

Managing Zone Configuration

Oracle Enterprise Manager Ops Center. Introduction. What You Will Need. Installing and Updating Local Software Packages 12c Release

JavaFX. JavaFX System Requirements Release E

PeopleSoft Fluid Required Fields Standards

Materials Control. Advanced Authorization. Copyright by: MICROS-FIDELIO GmbH Europadamm 2-6 D Neuss Date: January 2010.

Materials Control. Daily Totals. Product Version Daily Totals. Document Title: Joerg Trommeschlaeger

Oracle Enterprise Manager Ops Center. Introduction. What You Will Need. Hardware and Software Configuration

Oracle Enterprise Manager Ops Center. Introduction. What You Will Need

What s New for Cloud at Customer What's New for the Cloud Services on Oracle Cloud at Customer New Documentation for Oracle Cloud at Customer

Microsoft Active Directory Plug-in User s Guide Release

Oracle mymicros.net, icare, myinventory and mylabor Self Host Release Notes Release v April 2015

Oracle Enterprise Manager Ops Center. Introduction. What You Will Need

Copyright 1998, 2009, Oracle and/or its affiliates. All rights reserved.

Oracle Enterprise Manager Ops Center. Introduction. What You Will Need. Creating vservers 12c Release 1 ( )

Oracle Retail MICROS Stores2 Functional Document Stores2 for Portugal Disaster Recovery Release

Oracle Hospitality Cruise Shipboard Property Management System Topaz Signature Device Installation Guide Release 8.00 E

Materials Control. Remote Update. Product Version Remote Update. Document Title: Joerg Trommeschlaeger

Oracle Payment Interface Installation and Reference Guide Release E April 2018

Database Change Reference Release 6.3

Oracle Utilities Opower Custom URL Configuration

PeopleSoft Fluid Icon Standards

Oracle Utilities Meter Data Management Release Utility Reference Model Maintain Generic Usage Subscription

OKM Key Management Appliance

Security Guide Release 4.0

Quick Start for Coders and Approvers

Spend less on file attachment storage space Reliably back up your data or file attachments Use your OpenAir data in your reporting tools

Oracle Communications Policy Management Configuring NetBackup for Upgrade Method of Procedure

JD Edwards EnterpriseOne Licensing

1 Understanding the Cross Reference Facility

Oracle MICROS Simphony Server Setup Guide Server Version 1. April 2015

Oracle Enterprise Manager Ops Center. Introduction. Creating Oracle Solaris 11 Zones 12c Release 2 ( )

Oracle Linux. UEFI Secure Boot Signing Key Update Notice

Oracle Utilities Work and Asset Cloud Service End-User Provisioning Guide

Introduction to Auto Service Request

Managing Personally Identifiable Information in P6 Professional

Oracle Hospitality Cruise Meal Count System Security Guide Release 8.3 E

Oracle. Field Service Cloud Using Android and ios Mobile Applications 18B

New Features in Primavera Professional 15.2

Oracle Enterprise Manager Ops Center. Overview. What You Need. Create Oracle Solaris 10 Zones 12c Release 3 ( )

Microsoft Internet Information Services (IIS) Plug-in User s Guide Release

Taleo Enterprise Deep Linking Configuration Guide Release 17

Export generates an empty file

Oracle MICROS Self Host Release Notes Release v March 2015

Oracle Enterprise Manager

Oracle. Field Service Cloud Using the Parts Catalog

Module Code Entries Utility Oracle FLEXCUBE Universal Banking Release [December] [2016]

Oracle Hospitality Simphony First Edition Venue Management (SimVen) Installation Guide Release 3.8 Part Number: E

Microsoft.NET Framework Plug-in User s Guide Release

Oracle Hospitality Suite8 XML Export of Invoice Data for Hungarian Tax Authority Release and Higher E November 2016

Oracle Retail MICROS Stores2 Functional Document Malta Taxation Release July 2017

Oracle Cloud E

Oracle Argus Safety. 1 Configuration. 1.1 Configuring a Reporting Destination for the emdr Profile. emdr Best Practices Document Release 8.0.

What s New for Oracle Cloud Stack Manager. Topics: July Oracle Cloud. What's New for Oracle Cloud Stack Release

Oracle Enterprise Manager Ops Center

Oracle Simphony Venue Management (SimVen) Installation Guide Release Part Number: E

Live Help On Demand Analytics

Oracle Utilities Work and Asset Management

Oracle Hospitality Simphony Engagement Cloud Service Release Notes Release 2.0 E January 2016


Oracle Hospitality Cruise Silverwhere Release Notes for GDF Interface and Template Release 8.0. March 2016

Oracle Communications MetaSolv Solution

Contents About Connecting the Content Repository... 5 Prerequisites for Configuring a Content Repository and Unifier... 5

Oracle Enterprise Manager Ops Center. Introduction. Creating Oracle Solaris 11 Zones Guide 12c Release 1 ( )

Oracle Utilities Work and Asset Management

Oracle Hospitality ecommerce Integration Cloud Service Security Guide Release 4.2 E

Oracle Utilities Customer Care and Billing Release Utility Reference Model a Load Meter Reads

October 14, Business Intelligence Connector Guide

Oracle Communications Convergent Charging Controller. Sample Message Flows Reference Guide Release 6.0.1

Oracle Hospitality Cruise Fine Dining System Security Guide Release E

Oracle Fusion Middleware Oracle Stream Analytics Release Notes. 12c Release ( )

Release Notes for Oracle GoldenGate for Big Data 12c ( )

Oracle Hospitality ecommerce Integration Cloud Service Security Guide Release 18.1 E

Oracle Hospitality BellaVita Hardware Requirements. June 2016

Oracle Cloud What's New for Oracle WebCenter Portal Cloud Service

Oracle Hospitality Materials Control. Server Sizing Guide

Oracle Hospitality e7 Point-of-Sale Release Notes. Release 4.2

Apple Safari Settings Oracle FLEXCUBE Release [May] [2017]

Oracle Hospitality Materials Control Release Notes. Release 8.32

Installer Troubleshooting Oracle FLEXCUBE Universal Banking Release [October] [2015]

Oracle Utilities Customer Self Service

Oracle Retail Order Broker (Locate) Release Notes Release 5.2. December 2014

Transcription:

MICROS Password & User Account Management Product Version 8.7.30.37.1457 : : : Date: 12.03.2013 Version No. of Document: 1.2

Copyright 2015, Oracle and/or its affiliates. All rights reserved. This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited. The information contained herein is subject to change without notice and is not warranted to be error-free. If you find any errors, please report them to us in writing. If this software or related documentation is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, then the following notice is applicable: U.S. GOVERNMENT END USERS: Oracle programs, including any operating system, integrated software, any programs installed on the hardware, and/or documentation, delivered to U.S. Government end users are "commercial computer software" pursuant to the applicable Federal Acquisition Regulation and agency-specific supplemental regulations. As such, use, duplication, disclosure, modification, and adaptation of the programs, including any operating system, integrated software, any programs installed on the hardware, and/or documentation, shall be subject to license terms and license restrictions applicable to the programs. No other rights are granted to the U.S. Government. This software or hardware is developed for general use in a variety of information management applications. It is not developed or intended for use in any inherently dangerous applications, including applications that may create a risk of personal injury. If you use this software or hardware in dangerous applications, then you shall be responsible to take all appropriate fail-safe, backup, redundancy, and other measures to ensure its safe use. Oracle Corporation and its affiliates disclaim any liability for any damages caused by use of this software or hardware in dangerous applications. Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners. Intel and Intel Xeon are trademarks or registered trademarks of Intel Corporation. All SPARC trademarks are used under license and are trademarks or registered trademarks of SPARC International, Inc. AMD, Opteron, the AMD logo, and the AMD Opteron logo are trademarks or registered trademarks of Advanced Micro Devices. UNIX is a registered trademark of The Open Group. This software or hardware and documentation may provide access to or information about content, products, and services from third parties. Oracle Corporation and its affiliates are not responsible for and expressly disclaim all warranties of any kind with respect to third-party content, products, and services unless otherwise set forth in an applicable agreement between you and Oracle. Oracle Corporation and its affiliates will not be responsible for any loss, costs, or damages incurred due to your access to or use of third-party content, products, or services, except as set forth in an applicable agreement between you and Oracle. Page 2 of 26

Table of Contents INTRODUCTION: 4 FUNCTIONALITY:... 4 PASSWORD ENCRYPTION... 4 PASSWORD CASE-SENSITIVE... 5 LAST LOGIN:... 5 ENABLE PASSWORD MANAGEMENT:... 6 FORCE PASSWORD CHANGE MANUALLY:... 10 PASSWORD MASK:... 11 PASSWORD LENGTH:... 12 PASSWORD RE-USE:... 12 PASSWORD RETRIES & ACCOUNT LOCK:... 13 PASSWORD EXCLUSION LIST:... 15 FORBIDDEN PASSWORDS:... 17 AUTOMATED ACCOUNT LOCKING:... 22 SCHEDULER > DAILY MAINTENANCE... 22 Page 3 of 26

Introduction: Functionality: This document will explain in detail the features related to password management in. The minimum required version of is 8.6.6.30.17.1338. The application offers several features & functions to control password policies within. Some of the functions described below are available since older versions, some were introduced with the above mentioned version, some features were introduced in higher versions. All features are supported by the classic thick client of as well as MCweb (where applicable). Password Encryption Version 8.7.20.xx and higher: Since our customers are looking more on data security the user passwords are stored in the database as encrypted strings. They cannot be viewed in clear text with any tool: The encryption algorithm used by the application also incorporates the user name as well. As a result of this a change of the user name always requires the change of the password as well: NOTE: There is no secret backdoor entry! If the passwords are lost the database is unusable! Page 4 of 26

Password Case-Sensitive Version 8.7.20.xx and higher: The user passwords are case-sensitive, means if the user enters Micros as password, the system will read it as Micros and not as e.g. micros. User passwords are mostly defined in lowercase only. On order to ensure the login after the update, all user passwords are converted to lowercase automatically during the update. So if a user has had MICROS or Micros or micros (would not have made a difference since the application ignored the case until now!) as password before the update, it will be stored as micros after the update. From now on the application will store the password as entered (and encrypted) in the application. Last Login: Go to System > Users > select any user: Here the last login Date & Time stamp is shown. Page 5 of 26

Enable Password Management: This option will force the users to change their passwords after a defined time frame. Go to System > Database Update > Settings > click on Password Management : Here it can be defined after how many days the passwords will expire how many days before the warning will be displayed Force Password Expiry o Expires in xx days Here the user can define the number of days before the password expires. Enable Password Expiry Warning o Warning xx days before Here the user can define how many days in advance a warning message will come up at login: Page 6 of 26

If the user clicks on Yes he can change the password directly: Here the user can now enter the new password. It is not allowed to use the same password again. If the user tries to do so, the system gives a message: If the new password was entered and once more confirmed, the system will show this message: In case the warning period is already elapsed the following message is shown: Page 7 of 26

Click on OK to change the password: Here the user can now enter the new password. It is not allowed to use the same password again. If the user tries to do so the system gives a message: If the new password was entered and once more confirmed, the system will show this message: Page 8 of 26

In version 8.7.30 and higher selected users could be excluded from the password expiry. Similar to the Microsoft Windows User Control it now can be defined per user that the password for selected users never expires. But using the function User must change password on next Login it is still possible to force the user to change the password at next Login. Page 9 of 26

Force Password Change manually: If password management is enabled the application also offers to force the password change manually. If this option is activated the user will receive a message at next login: Now the user clicks OK to continue Here the user can now enter his new password. It is not allowed to use the same password again. If the user tries to do so, the system gives a message: Page 10 of 26

Password Mask: This parameter allows to define mask rules for the passwords: Allowed values: 0 = No Rule. The password can be numeric only or alphabetic only, no requirement for special characters. 1 = The password must contain characters and numbers. If a password should be saved not fulfilling this rule, the following message is shown: 2 = The password must contain characters, numbers and special characters. These are the supported special characters:! $ % & / \ ( ) =?., : - _+ * ~ # If a password should be saved not fulfilling this rule, the following message is shown: Page 11 of 26

Password Length: Using this function the minimum length of the password can be defined: If the password is not long enough, the following message is shown: Password Re-Use: This parameter allows to forbid the re-use of passwords. If set to T, the last eight passwords are saved in the database. The application will check these entries, if a user tries to change the password. Page 12 of 26

Password Retries & Account Lock: The following parameters can be used to define the number of allowed retries until the account will be locked for a defined time frame. Here simply define the number of allowed re-tries. In case a user enters (here) 3 times the wrong password, the account will be locked for the number of minutes defined in the following parameter: Page 13 of 26

If no value is defined here, both parameters will not be considered. After the account was locked by the system, the user now can - wait until the account will be opened by the system again (see message!) - contact the system administrator, who can unlock the account in the user management Page 14 of 26

Password Exclusion List: Version 8.7.30.xx and higher: A new function was added which allows the customer to specify forbidden passwords. This list of passwords is secured by a user right. This can be found in the section System, sub section > SYSTEM FUNCTIONS and is named Edit Password Exclusion List : If set: The user can access and modify the list. If not set: The user can not access the list. The list itself can be accessed from any module in the System section from the menu System : The list itself is a very simple tool. Page 15 of 26

Just use New button to add new terms or the Delete Flag to remove. As next step the password check must be activated. Go to System > Configuration > CUSTOM and search for the parameter ADDPWDSECURITYPWDBLOCK: Once this parameter is set to T the system will check every new entered password against the defined list: The user now can confirm with OK, but has to define a different password. NOTE: Existing passwords will not be checked. The application only checks new entered passwords! Page 16 of 26

Forbidden Passwords: Version 8.7.30.xx and higher: Besides the explicitly defined excluded terms also terms used in the application could be forbidden to be used as passwords. It allows to block Article Names, Login Names, User Names, Supplier Names and Cost Center Names. Go to System > Configuration > CUSTOM and search for the parameters shown below: Article Names: In order to forbid the use of article names the parameter ADDPWDSECURITYARTNAME must be set to T: Once activated, article names cannot be used as passwords anymore. This function is not case-sensitive, means it does not check for small or capital characters. Using the example above Aceto Balsamico will not be allowed as well as e.g. aceto balsamico Page 17 of 26

User Names: In order to forbid the use of user names the parameter ADDPWDSECURITYBSTLONGNAME must be set to T: Once activated, user names cannot be used as passwords anymore. This function is not case-sensitive, means it does not check for small or capital characters. Using the example above SystemAdministrator will not be allowed as well as e.g. systemadministrator Page 18 of 26

Login Names: In order to forbid the use of login names the parameter ADDPWDSECURITYBSTNAME must be set to T: Once activated, login names cannot be used as passwords anymore. This function is not case-sensitive, means it does not check for small or capital characters. Using the example above admin will not be allowed as well as e.g. AdMiN Page 19 of 26

Cost Center Names: In order to forbid the use of cost center names the parameter ADDPWDSECURITYKSTNAME must be set to T: Once activated, cost center names cannot be used as passwords anymore. This function is not case-sensitive, means it does not check for small or capital characters. Using the example above Holiday Park Hotel will not be allowed as well as e.g. holiday park HOtEl Page 20 of 26

Supplier Names: In order to forbid the use of supplier names the parameter ADDPWDSECURITYARTNAME must be set to T: Once activated supplier names cannot be used as passwords anymore. This function is not case-sensitive, means it does not check for small or capital characters. Using the example above Mr Drink will not be allowed as well as e.g. mr drink The configurations explained above will be considered every time a password is renewed or entered the first time. Existing passwords are not affected unless they need to be changed. If then a not allowed password is entered the application will show the message below: Page 21 of 26

Automated Account Locking: A new function was added to enhance the security package. Pretty often, if an employee quits his job in the hotel, the user account remains active. This is a security risk. To avoid such forgotten active accounts a function was implemented to disable unused accounts. Go to System > Configuration > [CUSTOM]: Here the number of days of inactivity must be defined. If a user did not login into for e.g. 30 days this account would be considered in the new Daily Maintenance described in the separate chapter below. Scheduler > Daily Maintenance This function is used to summarize scheduled jobs which should be executed regularly at every installation. The access to this function is secured by a new user right. Go to System > Users > Rights: Page 22 of 26

This right will enable the access to the Daily Maintenance Job. Go to System > Scheduler > click on New Job : Here the new job Daily Maintenance can be selected now. Define all scheduling parameters as needed. It is recommended to execute this job daily, during the night, after the POS Import. Switch to the tab Daily Maintenance. Here the parameters for the single parts of this job are shown: At this point of time just the job Automated User Locking is available in the Daily Maintenance. Mark the checkbox and save the job as usual. After execution of the Daily Maintenance the application will try to send an email with the results. Page 23 of 26

The attachment shows in detail which user accounts were disabled. Pre-requisites: Email Configuration must be completed Scheduler User Defintion Page 24 of 26

The defined scheduler user needs to be configured properly. Most important: the user should be inactive. This will make the use of this ID for any othe prurpose impossible. Email Address: Define the receipients email address. The scheduler will send the log of the Daily Maintenance to this address. Link Scheduler User : In the module Scheduler switch to the tab Service Setup : Here the Scheduler User must be linked. Once finished the job will also create an entry in the Scheduler Job History: Page 25 of 26

Deactivated users now will receive the following message: MICROS-FIDELIO GmbH Europadamm 2-6 41460 Neuss Germany Phone: +49 2131-137 0 l Fax: +49 2131-137 777 Page 26 of 26

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback