cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Community Tip - Did you get an answer that solved your problem? Please mark it as an Accepted Solution so others with the same problem can find the answer easily. X

Translate the entire conversation x

Allowing Outside Access Best Practices

keithschm
1-Visitor
1-Visitor
‎Jun 23, 2011 11:03 AM
‎Jun 23, 2011 11:03 AM

Allowing Outside Access Best Practices


Server has a dedicated outside IP to the firewall.


I have audited all user namesand passwords to make sure they are secure and not simple.


I am verifying if the vendor has a static IP then I can limit access based on that.


Labels:
0 Kudos
Notify Moderator
4 REPLIES 4
ddemay
7-Bedrock
7-Bedrock
(To:keithschm)
‎Jun 23, 2011 12:30 PM
‎Jun 23, 2011 12:30 PM

Did you look up insecure configuration for apache tomcat circa march 2011?

Principal admin allows change of wcadmin password as does any ldap v3 client that let's you see what is in aphelion or Windchill DS...


Sent from my Verizon Wireless BlackBerry
0 Kudos
Notify Moderator
MikeLockwood
22-Sapphire I
22-Sapphire I
(To:keithschm)
‎Jun 23, 2011 12:31 PM
‎Jun 23, 2011 12:31 PM

1. Best by far to integrated with your active directory (requires two lines of code in one Apache file) and therefore have Windchill pull current passwords from the network. Note: This requires a new Site admin, replacing wcadmin.

2. For your outside party, consider isolating their access by Product / Library.
0 Kudos
Notify Moderator
Not applicable
(To:keithschm)
‎Jun 23, 2011 02:47 PM
‎Jun 23, 2011 02:47 PM

Changing your wcadmin password is very important. But, it may cause you
problems.



Visualization is often setup using the user and authentication from the
adapter is through a plaintext file. Usually this is handled with the file
<windchill>/auth.properties.



See the reference documents as they have sections about securing the various
plain text files.



~Dan


0 Kudos
Notify Moderator
ptc-2126057
1-Visitor
1-Visitor
(To:keithschm)
‎Jul 05, 2011 04:55 AM
‎Jul 05, 2011 04:55 AM

You can set the following property to enable the password change by users themselves.


<property name="wt.org.services.userPasswordChangeEnabled" overridable="true"&lt;br"/> targetFile="codebase/wt.properties"
value="true"/>


After setting this property go to Home-->Utilities-->Profile-->Actions-->Edit Password



DISCLAIMER: Author doesn't responsible for any unforeseen things happened due to implementing the suggested process

0 Kudos
Notify Moderator
Announcements
Contact Community Management
Top Tags