Securing Ektron CMS400.NET
Complete this a checklist to secure Ektron CMS400.NET.
For the latest updates to Ektron’s security guidelines, see http://dev.ektron.com/kb_article.aspx?id=30982.
Make sure you change the password for the Admin and Builtin user.
Change Admin user password
1. In the Workarea, navigate to Settings > Users
2. Click the Admin user.
3. Click the Edit Users button.
4. In the Password and Confirm Password fields, enter the new password.
5. Click the Save button.
Change builtin user password
Warning! If you changed the builtin user password during the site setup, you do not need to change it again. See BuiltIn User for additional information. Also, the “builtin” user does not appear in the Users list. This user appears on the application setup screen.
1. In the Workarea, navigate to Settings > Configurations > Setup.
2. Click the Edit button.
3. Find the Built In User field.
4. In the Password and Confirm Password fields, enter the new password.
5. Click the Update button.
Note: If you cannot sign in to Ektron CMS400.NET because the builtin user password was changed and you do not know the new password, use the BuiltinAccountReset.exe utility. This resets your Ektron CMS400.NET user / password to Builtin / Builtin. This utility is located in C:\Program Files\Ektron\CMS400versionnumber\Utilities.
Ektron CMS400.NET includes some sample users and sample membership users for evaluation and demonstration purposes. Remove these users when they are no longer needed.
Remove Sample Users and Sample Membership Users
Warning! Some users in this list might not appear in your User list. Also, you might have sample users that appear in your users lists. This depends on the version of the software you have installed.
Ektron CMS400.NET Users |
Membership Users |
jedit tbrown jsmith vs See Also: Managing Users and User Groups |
jmember north supermember west See Also: Membership Users and Groups |
To remove Ektron CMS400.NET users in the Workarea, follow these steps.
1. In the Workarea, navigate to Settings > Users.
2. Check the box next to each user that you want to remove.
3. Click Delete ().
4. Click OK.
To remove Membership users in the Workarea, follow these steps.
1. In the Workarea, navigate to Settings > Community Management > Memberships > Users.
2. Check the box next to each user that you want to remove.
3. Click Delete ().
4. Click OK.
Do Not Allow the Use of Group User Accounts
A group account is an account that more than one person uses to log in to Ektron CMS400.NET using the same username and password. This is a serious security issue because it prevents you from tracking user activities in your Workarea. Group accounts violate Ektron CMS400.NET's license agreement.
(continued in Making Additional Changes When you Decide to Buy)