System information

FCD 901 48

Issue R2A, 07.2009

XMP1 Release 5.5 System Description

Safety

Page 6-16 Proprietary Information Aastra

SOX Server

In the default configuration, an authorization check is not executed in the

SOX Server. Each user has all rights.

Optionally, it is possible to activate a check for user rights in the

SOX Server. This is done via the configuration file or command line

parameters. ’

See Section , SOX Server side . -> SecurityMode = azman.

In this case, the SOX Server uses the Microsoft Authorization Manager

(AzMan).

The Microsoft Authorization Manager (AzMan) supports a role-based

security model. Using the Microsoft Authorization Manager, an own

authorization system will be implemented in the SOX Server.

This authorization system (AzMan) then uses the roles to check the actions

the SOX Client user may execute.

Using the authorization system (AzMan), users not authorized are

prevented from sending data into the XMP1 network, e.g. starting a

software download.

Note: The authorization system of the Database Server remains

active and controls database access. Each SOX user must be

assigned appropriate authorizations in the database.