Neoview User Management and Security Administration Guide (R2.5)
Table 2-2 Neoview Password Encryption Policies (continued)
CommentInitial ValuePolicy Name (HPDM)
Input Parameter Name
(NCI)Display Name (NCI)
Specifies whether login
requests are accepted from
clients that do not provide
password encryption. A policy
change requires restart of
services as described in
“Restarting NDCS Services
After Policy Changes”
(page 39)
YAllow Down-rev
Drivers to Connect
drevdriversAllowPreR25Drivers
Specifies whether, in the
interest of faster local
authentications, the following
security features are disabled:
• Requiring platform users
to present two passwords
for login to platform-level
command interpreters
• Preventing database users
from logging in to
platform-level command
interpreters
• Logging of direct platform
access
NOptimized for Local
Access
laccessOptimizeForLocalAccess
On your Neoview platform, the following encryption policy settings apply by default:
• A certificate is automatically downloaded to the client workstation when the user first logs
on.
If the same workstation is used to connect to multiple Neoview platforms, a unique certificate
is downloaded for each platform.
• Certificates do not expire.
• Logon requests from clients that do not provide password encryption (i.e., from clients
associated with general availability releases earlier than Release 2.5) are rejected.
WARNING! The initial value of AllowPreR25Drivers is Yes. This setting is intended
to allow connection by both older and newer clients for the period during which workstations
are being upgraded from older versions of clients to newer ones. Once the upgrade is
complete, it is best to change AllowPreR25Drivers to No again. Using older clients with
a Neoview platform running Release 2.5 compromises the security of communications
between workstations and the Neoview platform.
Viewing Password Encryption Policy Settings
The Security Manager can use the Certificate and Connection tab of the HPDM Policies dialog
to view the current password encryption policy settings. He or she can use the NCI INFO CERT
POLICY command to view the setting for Auto_Download or CertExpiry but not to see
whether the configuration permit connection from older clients that do not provide password
encryption.
For additional information about using the HPDM Policies dialog to view policy settings, see
the HPDM Online Help.
42 Post-installation Security Setup Tasks