[cisco-voip] userID/password/PINs lost during migration from 4.x to 6.x
Matthew Saskin
matt at saskin.net
Thu Feb 14 07:25:23 EST 2008
The directory sync will only provide for SSO for things such as the
ccmuser page - unfortunately you're still stuck with PIN for extension
mobility, etc...
Running a BAT update after upgrade to "randomize" PIN's is a pretty good
idea.
-matt
Justin Steinberg wrote:
> hopefully when you upgrade to cm6, you can take advantage of the ldap
> directory integration to provide a single sign-on experience. This
> should be a welcomed feature by the user base, granted not every is
> positioned with a centralized directory for ccm to sync with.
>
> If you can't do dirsync, then I would suspect you could use BAT to
> bulk update the password and pins if you are (rightfully so) concerned
> about security. Setting them to the last four of social, or
> month/year of birthday, etc.
>
> On Feb 13, 2008 10:04 PM, Matthew Saskin <matt at saskin.net
> <mailto:matt at saskin.net>> wrote:
>
> I agree it's not ideal. From a practical standpoint, my guess
> would be
> that passwords/PINs were previously stored using a one-way hash
> (why the
> hashed ones couldn't move over and use the same hash with CM6 I
> don't know).
>
> Perhaps Wes can enlighten us a bit. I agree it would be
> interesting to
> hear the particular reasons for going this route...
>
> -matt
>
> Lelio Fulgenzi wrote:
> > I can appreciate GUI changes. I'm always happy to see things change
> > when they make things easier to use.
> >
> > But what I'm concerned with is the fact that they don't think it's
> > necessary to port userIDs and passwords over.
> >
> > Can you imagine having to tell thousands of users that you have to
> > reset your password? What about security risks? I don't know the
> > details but if it sets everyone's password to a default password and
> > you tell everyone this, that opens up some exposures, don't you
> think?
> >
> > I might not even an export/import utility?
> >
> >
> >
> --------------------------------------------------------------------------------
> >
> > Lelio Fulgenzi, B.A.
> > Senior Analyst (CCS) * University of Guelph * Guelph, Ontario
> N1G 2W1
> > (519) 824-4120 x56354 (519) 767-1060 FAX (JNHN)
> >
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> > "Life expectancy would grow by leaps and bounds if green vegetables
> > smelled as good as bacon."
> > Doug Larson
> >
> >
> > ----- Original Message ----- From: "Matthew Saskin"
> <matt at saskin.net <mailto:matt at saskin.net>>
> > To: "STEVEN CASPER" <SCASPER at mtb.com <mailto:SCASPER at mtb.com>>
> > Cc: "Cisco Voyp List" <cisco-voip at puck.nether.net
> <mailto:cisco-voip at puck.nether.net>>; "Lelio Fulgenzi"
> > <lelio at uoguelph.ca <mailto:lelio at uoguelph.ca>>
> > Sent: Wednesday, February 13, 2008 9:30 PM
> > Subject: Re: [cisco-voip] userID/password/PINs lost during migration
> > from 4.x to 6.x
> >
> >
> >> ccmuser UI is completely different than before ;)
> >>
> >> STEVEN CASPER wrote:
> >>> Yes I do... our users are going to love that. I also read
> about the
> >>> PAB and Fast Dial access options that change. Why change basic
> user
> >>> interface functionality? Is there anything else that changes from
> >>> user perspective that is not advertised and is going to cause me
> >>> grief? How about CCM user?
> >>>
> >>> >>> "Lelio Fulgenzi" <lelio at uoguelph.ca
> <mailto:lelio at uoguelph.ca>> 2/13/2008 3:27 PM >>>
> >>> Anyone else have some concern that in the migration from 4.x
> to 6.x
> >>> you will lose all passwords and PINs?
> >>> Essentially, you have to set them to some default password
> and then
> >>> have everyone go back in and change them.
> >>> Lelio
> >>>
> --------------------------------------------------------------------------------
> >>>
> >>> Lelio Fulgenzi, B.A.
> >>> Senior Analyst (CCS) * University of Guelph * Guelph, Ontario
> N1G 2W1
> >>> (519) 824-4120 x56354 (519) 767-1060 FAX (JNHN)
> >>>
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> >>> "Buffalo buffalo Buffalo buffalo buffalo buffalo Buffalo
> buffalo." WJR
> >>>
> >>> ************************************
> >>> This email may contain privileged and/or confidential information
> >>> that is intended solely for the use of the addressee. If you
> are not
> >>> the intended recipient or entity, you are strictly prohibited from
> >>> disclosing, copying, distributing or using any of the information
> >>> contained in the transmission. If you received this
> communication in
> >>> error, please contact the sender immediately and destroy the
> >>> material in its entirety, whether electronic or hard copy. This
> >>> communication may contain nonpublic personal information about
> >>> consumers subject to the restrictions of the
> Gramm-Leach-Bliley Act
> >>> and the Sarbanes-Oxley Act. You may not directly or indirectly
> reuse
> >>> or disclose such information for any purpose other than to provide
> >>> the services for which you are receiving the information.
> >>> There are risks associated with the use of electronic
> transmission.
> >>> The sender of this information does not control the method of
> >>> transmittal or service providers and assumes no duty or obligation
> >>> for the security, receipt, or third party interception of this
> >>> transmission.
> >>> ************************************
> >>>
> >>>
> ------------------------------------------------------------------------
> >>>
> >>>
> >>> _______________________________________________
> >>> cisco-voip mailing list
> >>> cisco-voip at puck.nether.net <mailto:cisco-voip at puck.nether.net>
> >>> https://puck.nether.net/mailman/listinfo/cisco-voip
> >>>
> >>
> >>
> >
>
> _______________________________________________
> cisco-voip mailing list
> cisco-voip at puck.nether.net <mailto:cisco-voip at puck.nether.net>
> https://puck.nether.net/mailman/listinfo/cisco-voip
>
>
More information about the cisco-voip
mailing list