[cisco-voip] Unity 4.2 versus 4.05 sign on
Lelio Fulgenzi
lelio at uoguelph.ca
Thu Apr 5 12:02:35 EDT 2007
It only takes one professor who raised 15 million dollars in research money to complain loud enough where we would be required to back out of these changes. :(
--------------------------------------------------------------------------------
Lelio Fulgenzi, B.A.
Senior Analyst (CCS) * University of Guelph * Guelph, Ontario N1G 2W1
(519) 824-4120 x56354 (519) 767-1060 FAX (JNHN)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
...there's no such thing as a bad timbit...
----- Original Message -----
From: Craig Staffin
To: Lelio Fulgenzi
Cc: cisco-voip at puck.nether.net
Sent: Thursday, April 05, 2007 11:50 AM
Subject: Re: [cisco-voip] Unity 4.2 versus 4.05 sign on
just curious but how many people do you have typing in the wrong passwords?
on almost all of the legacy TDM systems this has been normal for the past 15 years.
Craig
On 4/5/07, Lelio Fulgenzi <lelio at uoguelph.ca> wrote:
Can the Cisco people on this list please let the power(s) that be know that arbitrarily calling something a 'security hole' after 2 major versions in and more than 5 years into deployment for some places and NOT giving us the opportunity to keep using the same behaviour is, well, expected, but still dissappointing.
This is going to cause nothing but headaches from our end.
I thought Cisco was supposed to be "customer focused" ?
--------------------------------------------------------------------------------
Lelio Fulgenzi, B.A.
Senior Analyst (CCS) * University of Guelph * Guelph, Ontario N1G 2W1
(519) 824-4120 x56354 (519) 767-1060 FAX (JNHN)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
...there's no such thing as a bad timbit...
----- Original Message -----
From: CarlosOrtiz at bayviewfinancial.com
To: cisco-voip at puck.nether.net
Sent: Thursday, April 05, 2007 10:25 AM
Subject: Re: [cisco-voip] Unity 4.2 versus 4.05 sign on
I got an answer from one of my partner SE's. FYI for everyone.
<B>Symptom:</B>
After calling Unity from a primary or alternate extension and entering an incorrect password, Unity reprompts the subscriber to enter their ID.
<B>Conditions:</B>
Seen with Cisco Unity 4.2(1) when a subscriber calls Unity from a known extension (primary or alternate), and enters an incorrect password. In previous releases, if an incorrect password was entered, Unity would reprompt for the password. With sign-in enhancements in 4.2(1), Unity now prompts for the ID if an invalid password is received.
<B>Workaround:</B>
None.
The Unity DE's have reported that this design modification was to fix what they believed to be a security hole. This will be the expected behavior for Unity 4.2.1 and forward. Currently there is no plan by the Unity Business Unit to change this behavior or give customers access to change the behavior.
Carlos Ortiz/MIA/BAY/BFTG
04/05/2007 09:21 AM
To Cisco-Voip List
cc
Subject Unity 4.2 versus 4.05
In Unity 4.05 when a user enters the wrong password they are prompted to re-enter their password. In 4.2 they are prompted to enter their ID(extension) AND then their password. Is there any way to change it to behave like 4.05 or is this just a change we have to live with.
Carlos
--------------------------------------------------------------------------
_______________________________________________
cisco-voip mailing list
cisco-voip at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-voip
_______________________________________________
cisco-voip mailing list
cisco-voip at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-voip
--
Craig Staffin
Craig at staffin.org
(H) 262-437-7313
(C) 262-613-6003
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://puck.nether.net/pipermail/cisco-voip/attachments/20070405/da632732/attachment.html
More information about the cisco-voip
mailing list