[cisco-voip] Field Notice from Cisco making Secure LDAP mandatory

Anthony Holloway avholloway+cisco-voip at gmail.com
Thu Feb 13 14:32:34 EST 2020


That's interesting to know.  How did you learn that?

On Thu, Feb 13, 2020 at 12:30 PM Brian Meade <bmeade90 at vt.edu> wrote:

> CUCM doesn't check the names, just that the chain is trusted.
>
> On Sun, Feb 9, 2020 at 5:23 PM Matthew Loraditch <
> MLoraditch at heliontechnologies.com> wrote:
>
>> Interesting. Our root cert is and has been loaded, but I’m still using
>> just the IPs so normally that would make the handshake fail.
>>
>> Get Outlook for iOS <https://aka.ms/o0ukef>
>>
>> Matthew Loraditch​
>> Sr. Network Engineer
>> p: *443.541.1518* <443.541.1518>
>> w: *www.heliontechnologies.com* <http://www.heliontechnologies.com/>  |
>> e: *MLoraditch at heliontechnologies.com*
>> <MLoraditch at heliontechnologies.com>
>> [image: Helion Technologies] <http://www.heliontechnologies.com/>
>> [image: Facebook] <https://facebook.com/heliontech>
>> [image: Twitter] <https://twitter.com/heliontech>
>> [image: LinkedIn] <https://www.linkedin.com/company/helion-technologies>
>> ------------------------------
>> *From:* Lelio Fulgenzi <lelio at uoguelph.ca>
>> *Sent:* Sunday, February 9, 2020 5:15:40 PM
>> *To:* Matthew Loraditch <MLoraditch at heliontechnologies.com>
>> *Cc:* James Buchanan <james.buchanan2 at gmail.com>; voyp list, cisco-voip (
>> cisco-voip at puck.nether.net) <cisco-voip at puck.nether.net>
>> *Subject:* Re: [cisco-voip] Field Notice from Cisco making Secure LDAP
>> mandatory
>>
>>
>> [EXTERNAL]
>>
>>
>> I couldn’t get secure ldap to work without loading the certificates from
>> the AD servers. I also had more luck using the global catalog ports.
>>
>> Sent from my iPhone
>>
>> On Feb 9, 2020, at 5:05 PM, Matthew Loraditch <
>> MLoraditch at heliontechnologies.com> wrote:
>>
>> I was wondering if they were going to post anything as it’s very unclear
>> if ldap over tls was the fix.
>>
>> Apparently (and amen) it is. Did it on our office system last week to see
>> if it would work without any certificate needs. It just worked and during a
>> save it will instantly tell you if it worked or not.
>>
>> Outside of the most regimented environments you should be able to just
>> make the change. If it fails talk to your AD team as they would likely have
>> something blocked or disabled.
>>
>> Get Outlook for iOS <https://aka.ms/o0ukef>
>>
>> Matthew Loraditch​
>> Sr. Network Engineer
>> p: *443.541.1518* <443.541.1518>
>> w: *www.heliontechnologies.com* <http://www.heliontechnologies.com/>  |
>> e: *MLoraditch at heliontechnologies.com*
>> <MLoraditch at heliontechnologies.com>
>> <image502755.png> <http://www.heliontechnologies.com/>
>> <image552534.png> <https://facebook.com/heliontech>
>> <image068119.png> <https://twitter.com/heliontech>
>> <image315640.png> <https://www.linkedin.com/company/helion-technologies>
>> <image132003.jpg>
>> ------------------------------
>> *From:* cisco-voip <cisco-voip-bounces at puck.nether.net> on behalf of
>> James Buchanan <james.buchanan2 at gmail.com>
>> *Sent:* Sunday, February 9, 2020 4:57:40 PM
>> *To:* voyp list, cisco-voip (cisco-voip at puck.nether.net) <
>> cisco-voip at puck.nether.net>
>> *Subject:* [cisco-voip] Field Notice from Cisco making Secure LDAP
>> mandatory
>>
>>
>> [EXTERNAL]
>>
>> Hello folks,
>>
>> I know you all needed some more work. I sure did! So here you are!
>>
>>
>> https://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/trouble/12_5_1/fieldNotice/cucm_b_fn-secure-ldap-mandatory-ad.html
>>
>>
>> I'm interested in any early thoughts on other integrations--vCenter, ISE,
>> VPN, TACACS, etc. I assume it applies across the board.
>>
>> Thanks,
>>
>> James
>>
>>
>> _______________________________________________
>> cisco-voip mailing list
>> cisco-voip at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-voip
>>
>> _______________________________________________
>> cisco-voip mailing list
>> cisco-voip at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-voip
>>
> _______________________________________________
> cisco-voip mailing list
> cisco-voip at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-voip
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20200213/ada90fe4/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image367180.png
Type: image/png
Size: 9409 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20200213/ada90fe4/attachment.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image755198.png
Type: image/png
Size: 431 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20200213/ada90fe4/attachment-0001.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image389775.png
Type: image/png
Size: 561 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20200213/ada90fe4/attachment-0002.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image921900.png
Type: image/png
Size: 444 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20200213/ada90fe4/attachment-0003.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image157220.jpg
Type: image/jpeg
Size: 19523 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20200213/ada90fe4/attachment.jpg>


More information about the cisco-voip mailing list