Share via


Configuring Security for Unified Messaging Users

Microsoft Exchange Server 2007 will reach end of support on April 11, 2017. To stay supported, you will need to upgrade. For more information, see Resources to help you upgrade your Office 2007 servers and clients.

 

Applies to: Exchange Server 2007, Exchange Server 2007 SP1, Exchange Server 2007 SP2, Exchange Server 2007 SP3

In Microsoft Exchange Server 2007 Unified Messaging, PIN policies are defined and configured on a UM mailbox policy. Multiple UM mailbox policies can be created, depending on your requirements. When you enable a user for Unified Messaging, you associate or link the user to an existing UM mailbox policy. The UM PIN policies that are configured on the UM mailbox policy should be based on the security requirements of your organization.

Unified Messaging PIN Security

A PIN is a numeric string that is used in certain systems, including unified messaging systems, so that a user can be authenticated and gain access. A PIN is a pass code that a user enters on the telephone to access their Exchange mailbox. The strength of the PIN depends on its length, how well it is protected, and how difficult it is to guess.

When you configure PIN settings for a UM-enabled user, you will configure and manage PIN settings on the UM-enabled user's Exchange 2007 mailbox and on the UM mailbox policy that is associated with the UM-enabled user.

  • When a subscriber or a UM-enabled user uses a telephone to connect to a computer that has the Exchange 2007 Unified Messaging server role installed, they use Outlook Voice Access to move through the Unified Messaging menu system. However, before the user can access the Unified Messaging system, the system prompts them to input their PIN. As the administrator, you can configure PIN settings and requirements and perform PIN management tasks.

For more information about how to configure and manage PIN settings for UM-enabled users, see the following topics:

UM mailbox policies can be configured to increase the level of security for UM-enabled users by requiring users to comply with the predefined PIN policies for your organization.

When you modify a UM mailbox policy, you can change such settings as PIN policies, message text settings, and dialing restrictions for a single UM-enabled recipient or for multiple UM-enabled recipients. UM mailbox policies can be configured to increase the level of security for UM-enabled users.

You can increase the level of security for your network by correctly implementing and configuring the following PIN settings on a UM mailbox policy:

  • The minimum number of digits that are required for a PIN

  • The time, in days, that a PIN is accepted by the system

  • The number of times attempts to log on can fail before the user's PIN will be reset

  • The maximum number of logon attempts before the user is locked out of their mailbox.

  • Whether to allow users to use common patterns in their PIN

  • The number of past PIN entries that the system should remember

For more information about how to configure these and other PIN settings on a UM mailbox policy, see the following topics:

For More Information