Security Management 139CS 1000 Telephony Manager Installation and ConfigurationAny one of the three methods or a combination of the these methods can be selected toauthenticate users on all TM 3.0 platforms: TM 3.0 server, TM 3.0 Windows client, andTM 3.0 Web client.The Administrator account is always authenticated as a Windows local account. This isdue to the fact that the Administrator account is the default account on these Windowsplatforms.The default authentication method is “Local TM 3.0 server account.” Because thismethod does not require a search of the CND Directory to find the user’s assigned usergroup, the “Local TM 3.0 server account” method provides the best login performance.If multiple authentication methods is chosen, TM 3.0 respects the order configured;however, it should be noted that the best performance is achieved by using the “LocalTM 3.0 server account” method.For information about configuring authentication methods using the UserAuthentication Web page, see “User authentication” in Optivity Telephony Manager:System Administration (553-3001-330).For information about configuring authentication methods using the UserAuthentication Windows dialog box, see “User authentication” in Optivity TelephonyManager: System Administration (553-3001-330).Password policyPassword security during transport across the network is accomplished in the followingmanner:Default passwords on the Call Server, Signalling Server and the Voice Gateway MediaCard are forced changed by the software.TM 3.0 uses the PWD1, PWD2 and PDT passwords for certain functions that interactwith the Call Server, Signalling Server and Voice Gateway Media Card.If any of the passwords expire due to the force change feature, TM 3.0 functionality failssimilar to having incorrect passwords.The passwords must be updated manually on the Call Server, Signalling Server andVoice Gateway Media Card through CLI commands. TM 3.0 system properties mustalso be updated with the new passwords before proceeding with any TM 3.0functionality.