Restricting Siebel Server Access

To restrict privileges to Siebel Server processes, assign an operating system account that is specific to the Siebel Server. Make sure this account has access only to files, processes, and executable files required by Siebel CRM.

• In Windows operating system environments, remove or limit the use of shared folders.

• In UNIX operating system environments:

  • Do not make the Siebel Server account the root administrator.

  • Disable UNIX r-services (for example, rlogin, rshell, rexec, rcp).

    R-services allow users to log in to and run various commands on a remote host computer. Before you can run the r-services on a remote host, you are required to provide authentication to access the host unless the local computer is listed in the .rhosts file, in which case authentication is not required. Therefore to provide the appropriate level of access and control to the Siebel Server, it is recommended that you disable the usage of r-services. Once you have disabled r-services, .rhosts files are not required and can be removed.