Understanding Meridian security requirements

Meridian does not rely on Windows to implement vault security. Meridian uses Windows only to authenticate users’ identity. Instead, security roles are defined in the Meridian Enterprise Configurator and privileges are granted or revoked from these roles. An administrator then assigns Windows users or groups to different roles for different folders with the PowerUser client application.

To work the most effectively with Meridian, Windows user accounts and groups should adhere to the following guidelines:

• Multiple users should not be allowed to log in under the same user name.
• Password synchronization between networks or systems should be consistent.
• A dedicated server for user administration is recommended.
• Users should always log in when they start working.
• Users’ logon scripts should synchronize the client computer time with the Meridian application server time.

If your Meridian Enterprise system will use more than one server, the services might need to be configured to allow security delegation as described in Understanding security delegation.