92.2 Agent Passwords

Agent passwords facilitate access to remote servers where restore areas and document storage areas are located. They also protect the agent consoles and GroupWise Monitor from unauthorized access.

92.2.1 Facilitating Access to Remote Servers

The Windows POA needs user name and password information in order to access a restore area or a document storage area on a server other than the one where the post office folder structure is located. There are two ways to provide this information:

  • Fill in the Remote User Name and Remote Password fields (GroupWise Administration Console > Post Office object > Settings)

  • Add the /user and /password startup switches to the POA startup file to provide a user name and password

Providing passwords in clear text in a startup file might seem like a security risk. However, the servers where the agents run should be kept physically secure. If an unauthorized person did gain physical access, they would not be doing so for the purpose of obtaining these particular passwords. The passwords are encrypted as they pass over the wire between servers, so the security risk is minimal.

92.2.2 Protecting the Agent Consoles

When you install the GroupWise agents, they are automatically configured with an agent console, and no password protection is provided. If you do not want agent console status information available to anyone who knows the agent network address and port number, you should set passwords on your agent consoles. For instructions, see:

If you plan to access the GroupWise Monitor consoles, it is most convenient if you use the same password on all agent consoles. That way, you can provide the agent console password once in GroupWise Monitor, rather than having to provide various passwords as you view the consoles for various agents. For information about providing the agent console password in GroupWise Monitor, see Configuring Polling of Monitored Agents.

92.2.3 Protecting the GroupWise Monitor Console

Along with the agent consoles, you can also provide password protection for the Monitor console itself, from which all the agent consoles can be accessed. For instructions, see Securing the Monitor Web Console.