IBM SPSS Data Collection Installation Manual page 62

54
Chapter 3
The Choose the location of Interviewer Server Project and Source files page allows
E
you to specify the folder that you want to create for storing the project and source files
that the Interview Services use for running interviews. When a scriptwriter activates a
project, the activation program copies the questionnaire file and the templates into the
Projects folder so that they are available for interviewing. The default project folder is
[INSTALL_FOLDER]\IBM\SPSS\DataCollection\6\Interviewer. Click
E On the FIPS 140-2 Compliance page, select whether or not the installation will be configured for
FIPS 140-2 compliance. FIPS 140-2 is a U.S. government computer security standard used to
accredit cryptographic modules. Refer to the
(http://csrc.nist.gov/groups/STM/cmvp/standards.html#02)
Note: When configuring for FIPS 140-2 compliance in the Windows Server 2008 environment,
you must first install a Microsoft hotfix. Failure to install the hotfix may result in problems when
using the Interviewer Server Administration User Administration activity. Refer to the
support article "FIX: You cannot run an ASP.NET 3.5-based application that uses a ScriptManager
control" (http://support.microsoft.com/kb/981119)
Configure for FIPS 140-2 Compliance.
compliant prior to installation, the installation process will not let you deselect the Configure for
FIPS 140-2 Compliance option. If you no do not want the installed applications to be FIPS 140-2
compliant, you must manually set a Windows System cryptography setting to disabled:
1. From the Windows Control panel, select:
Administrative Tools > Local Security Policy > Local Policies (located in the left panel) > Security
Options (located in the left panel) > System cryptography: Use FIPS compliant algorithms... (located
in the right panel)
2. Double-click the
For new installations, the SHA-1 hash function algorithm is used regardless of whether or not
Configure for FIPS 140-2 Compliance is enabled; for upgrade installations, the following
rules apply:
If FIPS 140-2 is enabled, all existing user information from the previous version is upgraded
in the following steps:
– The original, encrypted user passwords are archived to a setup log file.
– New user passwords are randomly assigned and saved to a setup
log file. The log file is located at: C:\Program Files\Common
Files\IBM\SPSS\DataCollection\6\\Installer\NewPassword.logInterviewer Server
Administration administrators can supply users these new, temporary passwords in a manner
that is in accordance with their business practices.
– The MustChangePasswordAtNextLogin setting is enabled, which forces users to change
their passwords at next login.
When upgrading on a server that is currently not configured for FIPS 140-2, you are presented
with the option to reset user passwords:
– If you choose to reset user passwords, the SHA-1 hash function algorithm is employed.
If your system is already configured to be FIPS 140-2
System cryptography: Use FIPS compliant algorithms...
National Institute of Standards and Technology
website for more information.
for more information.
to continue.
Next
Microsoft
policy and select
Disabled
.