Create a New PIN Policy
Topic Last Modified: 2010-12-13
You can use the PIN Policy page to provide personal identification number (PIN) authentication to users who are connecting to Microsoft Lync 2010 with IP Phones. To use PIN authentication, make sure that Enable PIN Authentication is selected in Web Service settings. For details, see Modify an Existing Web Service.
Follow these steps to create a user-level or a site-level PIN policy.
To create a user or site PIN policy
From a user account that is a member of the RTCUniversalServerAdmins group (or has equivalent user rights), or assigned to the CsServerAdministrator or CsAdministrator role, log on to any computer that is in the network in which you deployed Lync Server 2010.
Open a browser window, and then enter the Admin URL to open the Lync Server Control Panel. For details about the different methods you can use to start Lync Server Control Panel, see Open Lync Server Administrative Tools.
In the left navigation bar, click Security and then click PIN Policy.
On the PIN Policy page, click New, and then do one of the following:
To create a user-level policy, click User policy. In New PIN Policy, in Name, type a name that describes the policy.
To create a site-level policy, click Site policy. In the Select a Site search field, type all or part of the name of the site for which you want to create a policy. In the resulting list of sites, click the site you want, and then click OK.
In the Description field, type a description of the PIN policy.
In the Minimum PIN length field, type or select the minimum PIN length that you want to allow. The default minimum length is five digits.
To be able to specify the maximum number of logon attempts before a user is locked out, select the Specify maximum logon attempts check box. If you do not select this option, the maximum number of allowed attempts is automatically determined based on the PIN length. By default, the maximum number of attempts is automatically determined.
If you selected the Specify maximum logon attempts check box, in Maximum logon attempts, type or select the maximum number of logon attempts that you want to allow.
To have PINs expire, select the Enable PIN expiration check box. If you do not select this option, PINs will never expire. By default, PINs never expire.
If you selected the Enable PIN expiration check box, in PIN expires after (days), type or select the number of days after which PINs expire.
In PIN history count, type the number of PINs that a user must create before the user can reuse a PIN. By default, users can reuse their PINs.
To allow common patterns of digits in PINs, such as sequential numbers and repetitive sets of numbers, select the Allow common patterns check box. If you do not select this option, only complex patterns of digits are allowed. By default, only complex patterns of digits are allowed.
We recommend that you do not allow common patterns.