Share via


Configure the PIN Lifetime on a UM Mailbox Policy

 

Applies to: Exchange Server 2010 SP3, Exchange Server 2010 SP2

You can configure the PIN lifetime for users who are enabled for Unified Messaging (UM). The PIN lifetime is the maximum time that an Outlook Voice Access PIN will be valid for your UM-enabled recipients in Microsoft Exchange Server 2010. The PIN lifetime setting is configured on a UM mailbox policy and applies to all UM-enabled users associated with the UM mailbox policy.

Several PIN-related settings can be configured on a UM mailbox policy. The PIN lifetime setting controls the time interval, in days, from the date Outlook Voice Access users last changed their PIN to the date they'll be forced to change their PIN again. The range is 0 through 999, and the default is 60 days. If you enter 0, the user's PIN won't expire. But we don't recommend that you configure this setting to 0. By configuring this setting to 0, you greatly reduce the security of your network.

Important

Unified Messaging doesn't notify users when their PIN is about to expire.

Looking for other management tasks related to UM mailbox policies? Check out Managing UM Mailbox Policies.

Prerequisites

Use the EMC to configure the PIN lifetime

You need to be assigned permissions before you can perform this procedure. To see what permissions you need, see the "UM mailbox policies" entry in the Unified Messaging Permissions topic.

  1. In the console tree, navigate to Organization Configuration > Unified Messaging.

  2. In the work pane, on the UM Mailbox Policies tab, select the UM mailbox policy you want to manage, and then, in the action pane, click Properties.

  3. On the UM mailbox policy Properties page, click the PIN Policies tab.

  4. On the PIN Policies tab, next to PIN lifetime (days), enter a value between 0 and 999.

  5. Click OK to save your changes.

Use the Shell to configure the PIN lifetime

You need to be assigned permissions before you can perform this procedure. To see what permissions you need, see the "UM mailbox policies" entry in the Unified Messaging Permissions topic.

This example sets the number of days that a PIN can be used for UM-enabled users who are associated with a UM mailbox policy named MyUMMailboxPolicy to 30.

Set-UMMailboxPolicy -Identity MyUMMailboxPolicy -PINLifetime 30

This example configures the following PIN related settings for UM-enabled users who are associated with a UM mailbox policy named MyUMMailboxPolicy:

  • Sets the number of logon failures before the user's PIN is reset to 3

  • Sets the maximum number logon attempts to 5

  • Sets the minimum PIN length to 9 digits.

  • Sets the PIN to expire in 40 days.

Set-UMMailboxPolicy -Identity MyUMMailboxPolicy -LogonFailuresBeforePINReset 3
-MaxLogonAttempts 5 -MinPINLength 9 -PINLifetime 40

For more information about syntax and parameters, see Set-UMMailboxPolicy.

Other Tasks

After you configure the number of logon failures before a mailbox is locked out, you may also want to:

 © 2010 Microsoft Corporation. All rights reserved.