If you want this enabled. Simply create a User Group with the default settings you want for your organization and assign users to it. No more difficult than what you propose security conscious admins do. There were many companies (MS being primary among them) that chose ease of use over security in the past. I don't have to elaborate on how that turned out.
You can have both though. If you want ease of use or for non techies, the proper approach is a Wizard or something that they can run to setup things auto-magically. In fact, security is even more important to be in place by default for "non-educated" users. They will leave everything wide open and then be surprised when it bites them. At that point, they will blame the publisher for not protecting them just like what happened to MS. That is probably not in the cards for this release. Perhaps 4.4? -----Original Message----- From: Huijun Yang [mailto:[email protected]] Sent: January-15-10 1:09 PM To: Geoff Van Brunt; [email protected] Subject: RE: [sipX-dev] IM is disabled on user account by default >>I noticed user's IM is disabled by default? Wouldn't it be better user >>experience if it is enabled by >default? ( Let's say admin forget to >>enable it...) >It would be more convenient, but breaks the rule of secure by default. IM is looked at as a security hole in most enterprises and they would not >take a product seriously that came with it turned on. If I were evaluating a product that had that as default I might assume the rest of the >product is that way as well... Good point, but this IM enable/disable is at user account level. If an enterprise is not willing to compromise its security with IM service, it can disable the IM role at server level. Maybe it is left as disabled by default because only some privileged accounts can have IM service? _______________________________________________ sipx-dev mailing list [email protected] List Archive: http://list.sipfoundry.org/archive/sipx-dev Unsubscribe: http://list.sipfoundry.org/mailman/listinfo/sipx-dev sipXecs IP PBX -- http://www.sipfoundry.org/
