MeetingSphere Portable Server Box Administration Manual

Brand: MeetingSphere

Model: Portable Server Box

Type: Administration Manual

Administration Handbook

MeetingSphere Portable Server 3

Contents

1. Bringing the Server into service (Basics) .......................... 5

1.1 Starting and stopping the Server ................................................................................. 5

1.2 Setting up the local (wireless) network ....................................................................... 5

1.2.1 WLAN Access Point ............................................................................................... 5

1.2.2 IP address assignment (DHCP) ............................................................................. 6

1.2.3 Domain name resolution (DNS) ........................................................................... 6

1.3 First login ..................................................................................................................... 6

1.3.1 Login to the Server Console ................................................................................. 7

1.3.2 Login to the Meeting center................................................................................. 7

1.3.3 Initial configuration of the Meeting center.......................................................... 8

2. The Server Console ......................................................... 9

2.1 Network settings ......................................................................................................... 9

2.1.1 Setting the server's network address ................................................................... 9

2.1.2 The DHCP service................................................................................................ 10

2.1.3 Domain name resolution (DNS) ......................................................................... 10

2.1.4 Wireless network ............................................................................................... 11

2.1.5 Extending the network ....................................................................................... 11

2.2 Log control ................................................................................................................. 11

2.3 Notification settings / Contact info server administration ....................................... 13

2.4 Backup and restore .................................................................................................... 13

2.4.1 Create Backup .................................................................................................... 13

2.4.2 Restore databases from backup ......................................................................... 14

2.4.3 Restore complete server machine ..................................................................... 15

3. Meeting center settings ................................................ 15

3.1 General Meeting center settings ............................................................................... 16

3.2 Terms of use for acceptance after login .................................................................... 17

3.3 Layout and content of login page .............................................................................. 17

3.3.1 Branding ............................................................................................................. 18

3.3.2 Terms of use ....................................................................................................... 18

3.4 Authentication settings ............................................................................................. 19

3.4.1 Password complexity requirements ................................................................... 20

3.4.2 Scheduled change of password .......................................................................... 21

3.4.3 User administration control ............................................................................... 22

3.5 Screen saver ............................................................................................................... 23

3.5.1 Re-authentication ............................................................................................... 24

3.5.2 Specification of the screen lock ......................................................................... 25

3.6 Default report logo .................................................................................................... 25

3.7 Notification and contact info ..................................................................................... 26

3.8 Template settings ...................................................................................................... 28

3.9 Log file ........................................................................................................................ 28

4. User administration ...................................................... 29

4.1 User accounts ............................................................................................................ 30

4.1.1 One-time participants ........................................................................................ 30

4.1.2 Non-personal Facilitator accounts ..................................................................... 30

4.1.3 Regular users ...................................................................................................... 30

4.2 Administrators ........................................................................................................... 35

4.3 Automatic deletion and removal of users from trash ............................................... 36

5. Subscription administration ......................................... 37

5.1 File-based administration of subscriptions ............................................................... 37

5.2 Maintaining the Portable Server subscription .......................................................... 41

5.3 Self-administration of Non-personal Facilitator Subscriptions ................................. 41

5.3.1 Subscription administration in the MeetingSphere Store ................................. 42

5.3.2 Understanding the participant limit ................................................................... 43

5.4 Reportable events ..................................................................................................... 43

6. Session settings ............................................................ 44

6.1 Binding meeting settings ........................................................................................... 44

6.2 Default values for meeting setup .............................................................................. 46

7. Default welcome screen ............................................... 48

8. Software update ........................................................... 50

8.1 Critical updates .......................................................................................................... 50

8.2 Update process .......................................................................................................... 50

8.2.1 Checking for updates .......................................................................................... 50

8.2.2 Download the update from the update server .................................................. 51

8.2.3 Upload the update installer to the Portable Server ........................................... 51

9. Technical specification .................................................. 51

9.1 Client .......................................................................................................................... 51

9.2 Network connectivity ................................................................................................ 52

9.3 Security ...................................................................................................................... 52

9.3.1 Protection of traffic ............................................................................................ 52

9.3.2 Protection against malicious code ..................................................................... 52

10. Protection of privacy .................................................... 53

10.1 Protection of content ................................................................................................ 53

10.2 Anonymity ................................................................................................................. 53

10.3 Privacy in the meeting report .................................................................................... 54

10.4 Logs and lists .............................................................................................................. 54

Appendix A: Auditable events ........................................... 56

This manual describes the administration of a MeetingSphere Portable Server. It is complemented

by MeetingSphere’s guide “How to set up a Wireless Network for MeetingSphere Portable Server”

which is also available on MeetingSphere’s website.

If you are concerned with a Portable Server SCIF Edition you want to download that product's

specific handbook.

1. Bringing the Server into service (Basics)

The Portable Server is delivered pre-installed on a Portable Server Box which is, in fact, a high-

powered "headless" server optimized for easy off-Internet deployment on an ad-hoc local net-

work. The Portable Server does not require keyboard nor monitor as all configuration is achieved

through the Portable Server application via a browser.

The Portable Server is accessed through two URLs

• http://meetingsphere.net for meetings and Meeting center administration.

• http://console-meetingsphere.net for setting the server's IP addresses and for restoring

the database from backup in the server console (only user "serveradmin")

1.1 Starting and stopping the Server

Switch on the Portable Server with the front-side power switch.

• Give the server 30 seconds to boot the operating system and come "up"

• When the light is on, do not pull the power cord

• Always shut down the server

o by selecting that option when logging out

o with the power switch. Press once. Wait till the light is off.

1.2 Setting up the local (wireless) network

The Portable Server is designed for use on a separate, private (Off-Internet) network. The Portable

Server will control its network via its inbuilt DHCP and DNS services.

Do not run the server on networks where DHCP or DNS are provided by other devices (such as a

DSL-Router) as these services are bound to clash with those of the Portable Server.

1.2.1 WLAN Access Point

The Portable Server Box is equipped with a GBit ethernet interface into which the Wireless Access

Point is plugged.

Be aware that most consumer products – especially those “given away” by broad-band providers

– are liable to start dropping connections even with small numbers of participants. Quality

consumer Access Points such as Apples Airport series (2nd generation) will reliably support up to

about 50 connections (user machines; check the specs!). If you must expect a saturated radio

spectrum (such as inner London, New York, Paris), there is no way around truly professional kit

from the likes of Ruckus that will find and exploit the gaps. Use multiple Access Points with "Roam-

ing" for larger numbers of connecting computers.

Note that a Router is not an “Access Point” as we use the term here. If your favoured device

happens to be a router, you may be able to switch it to “Access Point” (“AP”) or “Bridge” mode

thereby disabling the unwanted router functionality. If you cannot switch to AP or Bridge mode,

buy another router which can do this or buy a (non-router) Access Point or check out Meeting-

Sphere’s guide “How to set up a Wireless Network for MeetingSphere Portable Server” which is

available on MeetingSphere’s website.

Configure the Access Point as follows:

IP = 192.168.1.3 (an address reserved in the server's DHCP)

Router address (if asked): 192.168.1.1 (the Portable Server)

DNS server (if asked): 192.168.1.1 (the Portable Server)

SSID: visible, e.g. MeetingSphere

Encryption: WPA PSK2, AES (recommended)

Password: Pronounceable, e.g. MeetingSphere

1.2.2 IP address assignment (DHCP)

The MeetingSphere Portable Server is licensed only for operation on separate private networks

and is delivered with factory defaults 192.168.1.1 (Meeting center) and .2 (console). The inte-

grated DHCP server provides IP addresses from 192.168.1.16 through .254 dynamically to clients.

Addresses 192.168.1.3 through .15 are reserved for devices with fixed IP such as Access Points,

printers or routers for extending the address range to very high numbers. For details, see chapter

“Network settings”

Note that, in the server console, the network of the Portable Server can be changed from e.g.

192.168.1 to e.g. 192.168.2. In this case, all IP addresses given above would change relative to

that new network number.

1.2.3 Domain name resolution (DNS)

The Portable Server is equipped with a DNS server which resolves name requests for

• meetingsphere.net (the Meeting center application)

• console-meetingsphere.net (the server console)

1.3 First login

After the Portable Server has been made available on the wireless network, log in to the two

components of the Server application and change passwords.

1.3.1 Login to the Server Console

First, login to the server console by entering the console's URL to the address field of your

browser:

http://console-meetingsphere.net

User name: serveradmin

Password: changeme! (change at first login)

You must enable pop-ups for the server console.

A change of password is forced at first login.

Make sure to take down the new password and store it in a safe place as you will need to access

the Server Console to

• Change the Server's IP addresses (possibly)

• Review logs (possibly)

• Restore the Server Console or the Meeting center from Backup (hopefully not!)

1.3.2 Login to the Meeting center

Now, login to the Meeting center with the username (your email address) sent to you from the

MeetingSphere Store by entering the Meeting center's URL to the address field of your browser:

• http://meetingsphere.net

• User name: your email address

• Password: changeme! (change at first login)

You must enable pop-ups for the server console.

Make sure to remember the new password. You will need to access the Meeting center in your

role of Subscription Administrator and (at least initially) Meeting center Administrator with your

personal account.

Host account(s). You will have purchased one or more Facilitator subscriptions for non-personal

user accounts which you will find in the Meeting center's user database. Log in and change the

default password at first login.

• http://meetingsphere.net

• User name: e.g. [email protected]

• Initial password: changeme! (change at first login)

Note that, on a Portable Server, as far as MeetingSphere is concerned, you are free to share the

such sharing of accounts is also in line with the policies of your organization.

Facilitators simply change the Firstname and Surname of the account in the user profile. This puts

the right name on the cover sheet of the report.

1.3.3 Initial configuration of the Meeting center

First login

The Subscription administrator is the first Meeting center administrator of the Meeting center.

The Subscription administrator signs in under

http://meetingsphere.net

with the credentials (s)he has received on purchase, i.e. email address and initial password

“changeme!” (change at first login).

Open Meeting center administration

Access is limited to administrators of the Meeting center i.e. initially the Subscription administra-

tor.

Review and adapt the following settings:

Company name and welcome message (Meeting center settings > Meeting center)

The name of your organization is maintained in the MeetingSphere Store. Specify a suitable pos-

sessive pronoun for the Meeting center’s welcome message at login, for instance “Welcome to

the Meeting center “of” “Example Inc.”

End-user licence Agreement. (Meeting center settings > Terms of use)

If required, specify a document which users must accept (once) after signing in.

Customize login page. (Meeting center settings > Layout and content of login page)

If required, customize the login page with your organization’s logo or terms of use which must be

accepted at sign-in.

Authentication requirements (Meeting center settings > Authentication settings)

Specify the authentication requirements in keeping with your organization’s rules.

Default report logo (Meeting center settings > Default report logo)

Upload your organization’s logo for printing on the cover sheet of meeting reports. Note that

Facilitators can customize the logo of any report.

Contact info (Meeting center settings > Contact information)

Which contact info shall be displayed to users under “Help > Support”? If applicable, add a note

on service availability e.g. office hours.

Brand your welcome screen (Default welcome screen)

Participants enter and exit a meeting via the welcome screen. Brand your Meeting center by up-

loading a wallpaper for the default welcome screen. Note that Facilitators can customize the wel-

come screen for any meeting.

Administer users (User accounts and privileges)

Create users manually or by import from file.

• Create and maintain members of your organization in the “internal users” tab.

• Create and maintain “external users” in that tab

• Assign administrative privileges by editing the respective user profiles.

2. The Server Console

The Server Console is called via:

• URL: http://console-meetingsphere.net

• User name: serveradmin

• Password: as set on first login (factory default: changeme!)

The Server Console is for:

• configuring the network settings

• controlling and reviewing logs

• configuring the backup and restore process

2.1 Network settings

Portable Servers are designed and licensed for being run on a separate (wireless) LAN on which

the server provides the

• the DHCP service (assignment of IP addresses to clients)

• the DNS service (name resolution to IP addresses)

These services cannot be switched off.

To avoid conflict and technical failure, make sure that there are no other devices on the network

which also provide these services.

2.1.1 Setting the server's network address

The Portable Server requires two IP addresses, namely "1" (Meeting center) and "2" (Console) on

a class C network (default: 192.168.1). These IPs are given by the server's DNS when the Meeting

center or the Console are called on the network:

http://meetingsphere.net IP 192.168.1.1 (factory default)

http://console-meetingsphere.net IP 192.168.1.2 (factory default)

Server console >> Server administration

Change this only for good cause.

Changing the server's network to e.g. 192.168.2 will change these addresses to 192.168.2.1 and

192.168.2.2 respectively.

2.1.2 The DHCP service

The server’s DHCP service allocates network addresses to devices that connect to the network.

Depending on the server's IP address, the DHCP server will:

• reserve the following 13 IP addresses for peripherals with a fixed IP address such as ac-

cess points, routers or printers and

• allocate addresses to clients with "automatic" IP address assignment after that

Examples:

On shipping, factory defaults:

Meeting center IP address: 192.168.1.1

Server Console IP address: 192.168.1.2

Adresses reserved in DHCP 192.168.1.3 through 192.168.1.15

Addresses allocated by DHCP 192.168.1.16 through 192.168.1.254

With custom IP address:

Meeting center IP address: 192.168.2.1

Server Console IP address: 192.168.2.2

Adresses reserved in DHCP 192.168.2.3 through 192.168.2.15

Addresses allocated by DHCP 192.168.2.16 through 192.168.2.254

2.1.3 Domain name resolution (DNS)

The Portable Server's DNS server resolves name requests for:

• meetingsphere.net (the Meeting center application)

• console-meetingsphere.net (the server console)

to the IP addresses specified above.

2.1.4 Wireless network

The Portable Server Box is equipped with a GBit ethernet interface into which a Wireless Access

Point can be plugged.

A professional WLAN Access Point (not router!) must be procured separately in accordance with

local regulations (legal frequencies, channels). Unlike consumer products, Business Access Points

will reliably support up to about 50 users (check the specs!).

Configure the Access Point as follows (IP address based on factory defaults):

Access point IP address 192.168.1.3

SSID: visible; e.g. MeetingSphere

Encryption: WPA PSK2, AES (recommended)

Password: Pronounceable, e.g. MeetingSphere4711

2.1.5 Extending the network

For up to 200 connecting clients, extend the network by adding (professional!) access points and

enable "roaming". If you are unfamiliar with building a wireless LAN for many users, check the

download pages on meetingsphere.com for more info or, preferably, ask a network professional

for help.

Should your requirements exceed the offered address range (i.e. 192.168.1.16 - .254), use sepa-

rate (WLAN-)routers with separate DHCP to extend it.

Configure the extra router(s) as follows (IP addresses based on factory defaults):

WAN (uplink) IP address 192.168.1.4 (must be reserved in server's DHCP)

LAN IP address e.g. 192.168.2.1

DHCP: on

DNS server IP of the Portable Server i.e. 192.168.1.1 (default)

Add wireless Access Points (with roaming) to provide reliable radio connectivity for the extended

address range.

2.2 Log control

Changes to the log settings become effective on confirmation.

The Portable Server keeps two separate logs:

1. The sytem log which logs miscellaneous system events for the purpose of debugging

2. The (optional) audit log which keeps track of all security-related events

Both logs can be viewed from the console or downloaded for analysis.

System logs older than 6 months are automatically purged from the system.

Audit log

The (optional) audit log keeps track of all security related events including but not limited to

• Changes to security or authentication settings

• Login events

• Changes to passwords or user accounts

• Uploads or downloads

• Export or import of content

• Access to meetings

• Creation or deletion of meetings

• Backup or restore from backup

The anonymity of contributions is protected.

Auditable events are listed in Appendix A “Auditable events” of this handbook.

Log control

Retain log-files for (days) (Default: 90)

Number of days for which log-files are maintained on the server.

Response to audit log processing failure

• Overwrite (default)

If a log entry cannot be written (for lack of space), an older log will be overwritten

• Shutdown Meeting center

If a log entry cannot be written – for whatever reason – the Meeting center will be shut

down.

2.3 Notification settings / Contact info server administration

Contact information for server administration. This may be personal or group related (e.g. a

helpdesk).

Information given here is displayed for reference in the contact information section of the Meet-

ing center.

2.4 Backup and restore

The backup and restore procedure described below relates to restoring the system databases after

(partial) system failure. Facilitators create backups of individual meetings by copying those

meetings within the database (technically: Creating new meeting from existing meeting) or by

exporting the meeting as an .mssf file via the toolbar of meeting setup.

2.4.1 Create Backup

Backups can be created by any administrator or Facilitator by calling that function in Meeting

center administration.

On execution of "Create backup", backups of the system databases are created, encrypted and

presented for download.

After download is complete, the backup file is deleted from the server.

Downloaded backup files should be moved to a secure medium or system as soon as possible.

Create backup panel

2.4.2 Restore databases from backup

A restore from backup occurs in the Server Console which is called under http:\\console-meet-

ingsphere.net.

To restore the server's databases, the Server administrator ("serveradmin")

• uploads a backup to the server's backup partition

• selects the relevant backup from the backup partition for restore.

Select backup to be restored

Server administrators should be aware that the Portable Server

• can only decrypt and apply backups which have been encrypted with its specific crypto-

graphic secrets

• may reject very old backups created on a no-longer supported version of the software

• will reject backups created on a more recent version of the software

• will reboot on completion of the restore operation

SUBSCRIPTION STATUS UPDATE REQUIRED! Note that a restore from backup is a reportable event

as it includes subscription information on the server. You must complete a status update cycle

within 7 days.

2.4.3 Restore complete server machine

After physical loss, catastrophic failure or after replacing a banged-about Portable Server Box with

a new one, the system can be rebuilt from backup if a backup of the Meeting center databases

exists. Proceed as follows:

1. Arrange for a new Portable Server Box with identical Server-ID through your Meeting-

Sphere sales partner.

2. Restore the databases

3. Complete a subscription update cycle to report the restore operation to the Meeting-

Sphere Store.

3. Meeting center settings

The Subscription administrator is the first Meeting center administrator of the Meeting center.

The Subscription administrator signs in under

http://meetingsphere.net

with the credentials (s)he has received on purchase, i.e. email address and standard password

“changeme!” (change at first login).

Meeting center administration is accessed via the Meeting center toolbar

Meeting center administration – main menu

3.1 General Meeting center settings

Meeting center settings govern the appearance and accessibility of the Meeting center. Further,

support and contact information is specified

General Meeting center settings include

• URL of the Meeting center

On the Portable Server's local network, the Meeting center is called under http://meet-

ingsphere.net or its IP address 192.168.1.1 (shipping default).

• Displayed name of organization

shows the name of the organization which owns the Portable Server. This name is used

in the Meeting center and on the login page. It is specified in the MeetingSphere Store.

• Possessive pronoun

A possessive pronoun is needed for the salutary text in the Meeting center and for sys-

tem email. It must suit the chosen default language. In English this is typically “of” as in

“Welcome to the Meeting center of Example Inc.”

• Supported languages

Specifies the languages supported by the Meeting center.

• Default language

Sets the default language of the Meeting center for new users.

General Meeting center settings

3.2 Terms of use for acceptance after login

Upload a PDF for display if users of the Meeting center must accept a written statement at first

The specified document will be displayed once after successful login.

If you require users to accept terms of use every time at login, customize the login page for this.

Specification of end-user agreement

3.3 Layout and content of login page

The login page of the Meeting center can be customized for the purposes of

• branding

• requesting the acceptance of use terms at each login

For customization, select option "Customized with centered login box". A wire frame of the layout

is given.

Customization of login page: Upload graphic files (logo)

3.3.1 Branding

The wire frame of the brandable login screen gives three zones into which graphic content can be

uploaded for display:

1. The "Upper Logo Header" which sits above the login box and can display one graphics

file

2. The "Logo Header above main field" which sits below the login box above the main field

and can display one graphics file

3. The "Main field" which can display either one graphics file or text.

To upload a graphics file, select option "Display graphic" and upload a file in bmp, gif, jpg, jpeg or

png format. Display is limited by hight and scaled accordingly. Test different resolutions and re-

member that fat files are a pain to load over slow lines. Decide whether the graphic shall be dis-

played left aligned, right aligned or centered.

3.3.2 Terms of use

If you want the main field to display text, select that option.

Text is entered via multiple text fields. Add and delete fields as required.

Customization of login page: Specify text

Each text field can hold multiple paragraphs but can only be formatted as a whole. This means

that all text in a field will be "Large", "Bold" or "Italic" (or not) and be listed under one bullet (or

not).

Select option "Users must accept terms of use" to change the caption on the login button to

"Login - I accept the terms of use" instead of plain "Login".

Preview the result before saving.

"Save" to render the new login screen "active".

If you want to keep your login screen clean and merely require users to accept terms of use once,

consider feature "Terms of use for acceptance after login" as an alternative.

3.4 Authentication settings

Any authentication requirements for users with role " Meeting center administrator" automat-

ically apply also to the Server administrator ("serveradmin") in the Server Console.

Unless prohibited by Meeting center administration, Facilitators may invite participants to join

their meetings without authentication. If required, disable "open meetings" in Meeting center

administration/meeting settings.

When considering authentication requirements for the Portable Server, keep in mind that these

Servers are designed and licensed only for operation on separated local area networks. The first

and most important line of defence is to control access to that network and to protect the confi-

dentiality and integrity of traffic on that network at the network level.

If you are concerned about your Portable Server holding sensitive content i.e. the results of meet-

ings, you should instruct users who run meetings (Facilitators) not to leave meetings on the server

but to export and delete them when done. Of course, you can back up such an instruction admin-

istratively by limiting the storage of content on the Server.

3.4.1 Password complexity requirements

Password complexity requirements

• Enforce password change at first login (Default: yes)

Specifies if users are forced to specify a personal password after logging on with the sys-

tem-generated initial password.

• Password requirements

Specifies the minimum requirements for a valid password:

o Minimum length (Default: 8)

o Quorum of capital letters (Default: 0)

o Quorum of numbers (Default: 0)

o Quorum of special characters (Default: 0)

o Quorum of lower case letters (Default: 0)

o Quorum of changed characters (Default 1)*

* The quorum of changed characters is checked and enforced versus the previous pass-

word. A change in position i.e. 69 vs 96 or 123456789 vs 923456781 counts as 2 changed

characters. This is independent of the "Reject last passwords" feature which tests new

passwords for an exact match against the hashes (an encrypted simile) of the given num-

ber of previous passwords.

Page is loading ...

MeetingSphere Portable Server Box Administration Manual

Brand: MeetingSphere

Model: Portable Server Box

Type: Administration Manual

Download PDF

report

MeetingSphere Portable Server Box Administration Manual

MeetingSphere Portable Server Box Administration Manual

Other documents