Microsoft 4.5.X manual Super-User Configuration, Adding new Super-User Groups

Page 85

button. The default timeout period is 20 minutes, but if you have a need to make your environment more secure, you can set this as low as 1 minute.

Allowed charset – This is the set of characters (case insensitive) which are acceptable in user-defined answers. Both the answer configuration and identity verification login will use this set to filter the answers before performing any queries to the database. This prevents SQL injection attacks and use of SQL escape characters in the answer strings. By default, this includes the letters A-Z, the number 0-9, and the space character.

The Account Reset Console also protects you from other malicious attacks in the following automatic ways:

Sessions, not cookies – ARCWeb uses only server-side sessions to store login information, not client-side cookies. Names and passwords are not transmitted repeatedly over the network.

Entirely SSL-capable– ARCWeb can be run on a secure HTTP (HTTPS) web server. This will protect all network communications from interception.

Server-side answer verification – All user-provided answer strings are checked in the application logic, not transmitted to the database. Thus, your source databases are protected against SQL injection attacks.

Super-User Configuration

Overview

Super-Users, or users who can access the “Configuration” menu in the Account Reset Console, are not set by normal administrators. These users must be set through the Super- User configuration screen. Super-Users have all access rights to the console, although they do not necessarily have any reset rights for other groups (see “Managing Group Access Rights”, above).

Super-User configuration is located under the “Configuration” menu item, in the “Super-Users” tab. The Super-User configuration can be managed by users with super-user account privileges.

Adding new Super-User Groups

Super-Users are designated at the domain or local group level, not by individual user account name. Any domain or local group may be designated as a super-user group.

The group(s) which are granted super-user access will be able to configure the properties of ARC such as database, logging, and verification question information.

Page 78 of 94 - Administration Manual - Copyright 2007 - Lieberman Software Corporation - All Rights Reserved

Image 85
Contents Account Reset Console Administration Guide Table of Contents Page Page Page Page Page Copyright Notice License Agreement Country of Origin Limited Warranty Pre-Usage Considerations Thanks for using the Account Reset Console Welcome to the Account Reset ConsoleAccount Reset Console Web Interface Getting Started Page Page Granting super-user access rights Configuring the Account Reset ConsoleOverview Page Configuring managed domains Setting up data sources and logging Selecting program features Account Reset Features Password Change Features Configuring email Program Access Setting up group permissionsGroup Access Viewing logs Configuring Verification Questions and Answers AdvancedPage Page Page Reviewing Data Security Advanced Updating the application’s appearance Advanced Page Scheduling tasks Advanced Setting up the mobile site AdvancedPage Page Configuring licensing Advanced Changing Your Password Changing Your Own PasswordResetting Accounts Resetting User AccountsLooking Up User Data Account Reset OptionsIdentity Configuration Setting Up Identity Information Log Viewing Options Log ViewingViewing the Access Log Viewing the Action Log Scheduling Management ReportsCreating and Viewing Management Reports Adding Reports Running Reports Immediately Editing Report SettingsViewing Management Reports Report Viewing Options Scheduling Account Tasks Adding Tasks Creating and Viewing Account TasksEditing Task Intervals and Actions Running Tasks ImmediatelyPage Viewing Account Task Reports Report Viewing Options Page Program Access Levels Set Program Access RightsViewing or Deleting Existing Access Rights Adding Access RightsPermission Stacking Group Access Rights Set Group Access RightsGroup Access Permissions Account Reset Options Set Account Reset FeaturesPage Set Password Change Features Password Change Options Page Configuring Email Configuring Email SettingsPage Appearance Managing the Account Reset Console AppearanceAltering the Page Header ColorsCustomizing the Main Menu Customizing the Side Menu Customizing the Page ContentManaging the Mobile Settings Configuring Mobile SettingsViewing Available Data Sources Data SourcesAdding a Data Source How the Account Reset Console tests data sourcesEditing a Data Source Editing a Microsoft SQL Server Data Source Editing a Microsoft Jet Data SourceViewing the Log Configuration Logging ConfigurationEditing a General ADO-Compatible Data Source Changing the Log Database User Verification ConfigurationLog Requirements Adding and Removing Questions Editing Question Configurations Setting the Test UserVerification Query Types String Replaced With Example Designing QueriesPage Managing Domains Domain ConfigurationViewing Domain Details Setting the Default DomainManaging Application Security Application SecurityAdding new Super-User Groups Super-User ConfigurationSuper-User Permissions Viewing or deleting existing Super-User GroupsChanging or Viewing License Information LicensingPage ARCWeb Site Index Appendix a TroubleshootingPage Page

4.5.X specifications

Microsoft 4.5.X represents a significant evolution in the company's software development frameworks, particularly focusing on enhancing the development experience for modern applications. This iteration builds upon the strengths of its predecessor, bringing a host of new features, improved performance, and powerful tools for developers.

One of the standout features of Microsoft 4.5.X is the introduction of asynchronous programming capabilities. This allows developers to write code that can perform multiple tasks simultaneously without blocking the main execution thread, leading to more responsive applications. By utilizing the async and await keywords, developers can easily manage asynchronous operations, making their applications more efficient and responsive to user interactions.

Additionally, Microsoft 4.5.X enhances support for modern web applications with the inclusion of features such as Web API, which simplifies the process of building robust RESTful services. This allows developers to create applications that can communicate with various data sources and client applications seamlessly. Coupled with the integration of SignalR, real-time web functionality is made simple, enabling scenarios such as live chat applications or real-time data updates.

Another key component is improved support for modern devices and platforms. The framework now includes better integration with cloud services, allowing developers to leverage Microsoft Azure more efficiently. This shift not only streamlines deployment but also enhances application scalability and reliability. Developers can take advantage of cloud storage, compute power, and various other services that Microsoft Azure provides, ensuring their applications can grow with user demand.

Performance enhancements are also a focus in Microsoft 4.5.X. The framework includes better memory management, reduced startup times, and overall improved runtime performance. These optimizations empower developers to create applications that not only perform better but also provide a smoother user experience.

Moreover, Microsoft has placed a significant emphasis on modern standards and protocols. Support for HTML5, CSS3, and JavaScript allows developers to create rich web applications that perform across all major browsers. Additionally, the framework includes capabilities for building Windows Store apps, facilitating a broader reach for developers.

In summary, Microsoft 4.5.X introduces advanced asynchronous programming, robust RESTful service capabilities, enhanced cloud integration, and a focus on performance and modern web standards. These features collectively empower developers to create high-quality, efficient applications that meet the needs of today's users, setting a strong foundation for future innovations in software development.