Station Configuration

Use the Station configuration (T0) info area to define the tracking of sessions and processes, password settings and blocking mechanisms for individual stations.

Only one configuration record can be added per station.

To add a new record:

  1. Switch to the Station Configuration info area.
  2. Click on (New).
  3. Enter the station number in the Stat. No. field.
  4. Configure the following settings on the General tab:
    • Session tracking/Session tracking Web: Enables session tracking for Windows or Web clients on this station, see Session Tracking.
    • Process tracking/Process tracking Web: Enables process tracking for Windows or Web clients on this station, see Process Tracking.
    • Windows Trace/Web Trace: Enable these fields to activate the SQL logs for Aurea CRM win and Aurea CRM web.
    • Cat. refresh frq.: Determines how often (in minutes) Aurea CRM should check whether catalogs have been updated by other users (manually, via import or catalog maintenance), see Catalogs. The default value is 30 minutes.

      The value in this field is also used to query for changes to the Configuration table (MC), see Configuration, and for variables, see Defining Variables. Deleted catalogs and configuration entries are refreshed every 120 minutes.

      The user cache is refreshed at the frequency defined in Cat. refresh frq. (the roles assigned to a user are stored here).

      The roles cache (i.e. the login role records) is refreshed every 60 seconds.

    • Format refresh frq.: Applies to Aurea CRM web only. Indicates how often formats should be refreshed.
    • User Tracking Frequency/User tracking frq. Web: Determines the interval in which Aurea CRM updates records in the User Tracking info area.
    • Last system check: Date on which the license report was last executed, see License Report.
    • Domain: Default domain for the station, i.e. domain for all users for whom no domain is entered.
  5. Use the Password tab to configure the password settings for the station, see Password Security.
  6. Configure the blocking mechanism applied when users log on using an incorrect password, see System Blocking.
  7. Save the record.

    The system checks for updates of these settings once per minute.

Password Security

To guarantee greater security, Aurea CRM allows you to specify that passwords must be changed at regular intervals and must meet certain criteria. In addition, you can enable the blocking mechanism, which prevents a user from attempting to log in after a specified number of failed attempts, see System Blocking.

You can configure the following settings on the Password tab in the Station Configuration info area:

  • Frq. PW Update in days: Number of days after which users must change their passwords.
  • Minimum PW Length: The minimum password length. The maximum length is 128 characters, which is sufficient to prevent against brute force attacks.
  • Passwords in History: The number of passwords stored in the history that may not be used again (maximum: 10).
  • Password History: The number of characters in the next password that may not be repeated in the same order (possible values: 0 = no limit; 3, 4, ...)
  • PW must contain digits: If enabled, the password must contain at least one digit.
  • PW must contain letters: The password must contain at least one letter.
  • PW must not contain user name: The password must not contain the user name.
  • PW must contain upper and lower case: New passwords must contain both upper and lower case.
    Note: If you enable this option and export or import users in the Export/Import modules (Login/US info area), you need to include the Password and Encrypted Password fields in the export/import format.
  • PW may not be in blacklist: Words entered in the blacklist may not be used as passwords. The blacklist is defined in the Configuration info area, see Security.
    Note: You can configure certain password settings for individual users, see Password Settings. User-specific settings take precedence over station-specific settings.

    You can exclude certain users from the password settings (e.g. the communication user) by enabling the Deactivate Password or Ignore PW Settings option in the Configure Login window.

When Aurea CRM is started, the system checks whether the user's password must be changed and whether it meets the defined security criteria. If one of these criteria is not met, the user is prompted to change their password. The systems also checks whether the new password meets the security criteria.

System Blocking

Aurea CRM provides a variety of blocking mechanism to protect the system against unauthorized access.

If one of the blocking mechanisms is enabled, a neutral message is displayed informing the user that a login error has occurred (instead of a specific error message).

The following options are available for each station on the Blocking tab in the Station Configuration info area:

  • Max. no of failed login attempts: Number of failed login attempts before the user can no longer log in.
    Note: The maximum number of login attempts can be defined for both stations and users (in the Configuration module or in the Configure Login window). User-specific settings take precedence over station-specific settings. The maximum number of failed login attempts also applies to the SU.
  • Track Login Attempts: Failed login attempts are logged in the Process Tracking info area (Process: "(8000) Login", Text: "<Computer name>: Incorrect password").
  • Max. Blocking: Enables the blocking mechanism for the maximum number of failed login attempts on this station.

    If a user enters an incorrect password, the value in the No. of failed login attempts (in the Configuration module or the Configure Login window) is increased by 1. Once the number of attempts reaches the value in the Max. No. of failed login attempts field (in the Configuration module or the Configure Login window), the user is no longer allows to log in.

    Reset the value in the No. of failed login attempts to 0 (zero) in the Configuration module or Configure Login window to allow the user to log in again.

    If the Ignore max. no of failed login attempts option is enabled for a user, the user is exempted from this blocking mechanism.

  • Exponential Blocking: Enables exponential blocking for the station.

    If a user enters an incorrect password, the value in the No. of failed login attempts (in the Configuration module or the Configure Login window) is increased by 1. The system is locked for 2n seconds (where "n" is the number of failed login attempts).

    Once the correct password has been entered, the value in the No. of failed login attempts is reset to 0 (zero).

    Note: The maximum time that the SU is blocked is limited to approximately 17 minutes (210 seconds).