Setting general global server options
You can set general options to change the local admin password, specify how often to look for report stylesheets, automatically upgrade clients to the current server version, and compress files stored on the Surround SCM Server.
You can also enable encryption to secure client/server communication. Encryption scrambles data to prevent interception, or eavesdropping, as it passes between clients and the server. You can use RSA key exchange for stronger encryption keys if your network is potentially insecure or if users log in from outside of your network. See Securing communication between clients and the Surround SCM Server for information about encryption, authentication, and key exchange methods used.
1. Choose Tools > Administration > Server Options.
The Server Options dialog box opens with the General category selected.
2. Enter and confirm a new password to change the Local SCM Admin password.
A local SCM admin user is created when Surround SCM is installed. It is strongly recommended that you change the admin password to a unique password.
3. Select Add additional information to names in user selection lists to display additional contact information with full names in list fields with user values, which helps distinguish between users with the same first and last name.
You can add the email address, phone number, or company to user list values. The information is displayed in parentheses after users' full names. For example, if you select to add email addresses, users with the name John Smith are displayed as Smith, John (johnlsmith@wysicorp.com) and Smith, John (smithjd@wysicorp.com). If a user record does not include the selected information, no additional information is displayed in user lists.
4. Select a Look for new server stylesheets time interval to set how often the server should automatically check for new report stylesheets on the server.
5. Select Automatically upgrade Surround SCM clients to the current Surround SCM Server version to enable automatic client upgrading for clients connecting to this server.
Selecting this option ensures all users are running the correct version.
6. Select Compress files stored on the Surround SCM Server to compress files and use as little disk space as possible.
7. Select Encrypt communication between clients and the server to encrypt all communication between clients and the server, which reduces the likelihood of eavesdropping by hackers.
Encryption increases security, but may slightly affect performance. Select this option if your organization’s network is secure and no client applications outside of the network communicate with the server.
The OpenSSL version used is displayed. Any vulnerabilities found in OpenSSL are published on the OpenSSL web site. To check if OpenSSL version displayed in Surround SCM has vulnerabilities that impact Surround SCM, check the knowledgebase or contact Perforce Support for information.
8. Select Use RSA key exchange to use strong key exchange for communication between clients and the server.
RSA is a public key encryption algorithm that uses separate keys for encryption and decryption. Select this option if your organization stores sensitive information in Surround SCM and users log in to client applications outside of your network using a username and password. If you use RSA, the public key must be added to all clients that access the server. See Configuring RSA key exchange for information about setting up RSA.
9. Click OK to save the changes.
If you change key exchange options, client applications and the Surround SCM web and proxy servers must be updated. The following scenarios require further action after changing security settings.
| If you use: | And you change it to: | You need to: |
|---|---|---|
| No encryption | RSA key exchange | Download a settings file that client users need to import in the server connection settings. If you use Surround SCM Web or proxy servers, import the file in the registry utility on the corresponding server computer. |
| RSA key exchange | No encryption or basic encryption (Encrypt server communication between clients and the server is selected) | Remove the public key fingerprint from any clients that connect to the server. Click Remove in the server connection information in clients and in the options for servers in the registry utility. |
See Configuring RSA key exchange for information about adding and removing keys in clients.