<div dir="ltr">Well, slap my ass and call me Sally.  I change an existing secure LDAP setup from FQDN to IP Address and it still works.<div><br></div><div>I'd be curious to know why it functions this way.  Seems like an opportunity to exploit the Authentication facet of SSL.</div><div><br></div><div><i>"In addition to encryption, a proper SSL certificate also provides authentication. This means you can be sure that you are sending information to the right server and not to an imposter trying to steal your information."</i></div><div><br></div><div>Source: <a href="https://www.sslshopper.com/why-ssl-the-purpose-of-using-ssl-certificates.html">Why SSL? The Purpose of using SSL Certificates</a></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Thu, Feb 13, 2020 at 1:32 PM Anthony Holloway <<a href="mailto:avholloway%2Bcisco-voip@gmail.com">avholloway+cisco-voip@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr">That's interesting to know.  How did you learn that?</div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Thu, Feb 13, 2020 at 12:30 PM Brian Meade <<a href="mailto:bmeade90@vt.edu" target="_blank">bmeade90@vt.edu</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr">CUCM doesn't check the names, just that the chain is trusted.</div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Sun, Feb 9, 2020 at 5:23 PM Matthew Loraditch <<a href="mailto:MLoraditch@heliontechnologies.com" target="_blank">MLoraditch@heliontechnologies.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">



<div>
<div dir="ltr">
<div></div>
<div>
<div>Interesting. Our root cert is and has been loaded, but I’m still using just the IPs so normally that would make the handshake fail.</div>
</div>
</div>
<div>Matthew Loraditch<br>Sr. Network Engineer<br>p: <a href="tel:443.541.1518" target="_blank">443.541.1518</a><br>w: <a href="http://www.heliontechnologies.com/" target="_blank">www.heliontechnologies.com</a> | e: <a href="mailto:MLoraditch@heliontechnologies.com" target="_blank">MLoraditch@heliontechnologies.com</a></div><hr style="display:inline-block;width:98%">
<div id="gmail-m_-4869093767311976650gmail-m_6713324654651433624gmail-m_-4866515347527435412divRplyFwdMsg" dir="ltr"><font face="Calibri, sans-serif" style="font-size:11pt" color="#000000"><b>From:</b> Lelio Fulgenzi <<a href="mailto:lelio@uoguelph.ca" target="_blank">lelio@uoguelph.ca</a>><br>
<b>Sent:</b> Sunday, February 9, 2020 5:15:40 PM<br>
<b>To:</b> Matthew Loraditch <<a href="mailto:MLoraditch@heliontechnologies.com" target="_blank">MLoraditch@heliontechnologies.com</a>><br>
<b>Cc:</b> James Buchanan <<a href="mailto:james.buchanan2@gmail.com" target="_blank">james.buchanan2@gmail.com</a>>; voyp list, cisco-voip (<a href="mailto:cisco-voip@puck.nether.net" target="_blank">cisco-voip@puck.nether.net</a>) <<a href="mailto:cisco-voip@puck.nether.net" target="_blank">cisco-voip@puck.nether.net</a>><br>
<b>Subject:</b> Re: [cisco-voip] Field Notice from Cisco making Secure LDAP mandatory</font>
<div> </div>
</div>
<div dir="auto">
<div>
<div><br>
</div>
I couldn’t get secure ldap to work without loading the certificates from the AD servers. I also had more luck using the global catalog ports. <br>
<br>
<div dir="ltr"><br>
On Feb 9, 2020, at 5:05 PM, Matthew Loraditch <<a href="mailto:MLoraditch@heliontechnologies.com" target="_blank">MLoraditch@heliontechnologies.com</a>> wrote:<br>
<br>
</div>
<blockquote type="cite">
<div dir="ltr">
<div>
<div>
<div style="direction:ltr">I was wondering if they were going to post anything as it’s very unclear if ldap over tls was the fix.</div>
<div><br>
</div>
<div style="direction:ltr">Apparently (and amen) it is. Did it on our office system last week to see if it would work without any certificate needs. It just worked and during a save it will instantly tell you if it worked or not.</div>
<div><br>
</div>
<div style="direction:ltr">Outside of the most regimented environments you should be able to just make the change. If it fails talk to your AD team as they would likely have something blocked or disabled.</div>
</div>
</div>
<hr style="display:inline-block;width:98%">
<div id="gmail-m_-4869093767311976650gmail-m_6713324654651433624gmail-m_-4866515347527435412x_divRplyFwdMsg" dir="ltr"><font face="Calibri, sans-serif" color="#000000" style="font-size:11pt"><b>From:</b> cisco-voip <<a href="mailto:cisco-voip-bounces@puck.nether.net" target="_blank">cisco-voip-bounces@puck.nether.net</a>> on behalf of James Buchanan <<a href="mailto:james.buchanan2@gmail.com" target="_blank">james.buchanan2@gmail.com</a>><br>
<b>Sent:</b> Sunday, February 9, 2020 4:57:40 PM<br>
<b>To:</b> voyp list, cisco-voip (<a href="mailto:cisco-voip@puck.nether.net" target="_blank">cisco-voip@puck.nether.net</a>) <<a href="mailto:cisco-voip@puck.nether.net" target="_blank">cisco-voip@puck.nether.net</a>><br>
<b>Subject:</b> [cisco-voip] Field Notice from Cisco making Secure LDAP mandatory</font>
<div> </div>
</div>
<div>
<div>
<div dir="ltr">Hello folks,
<div><br>
</div>
<div>I know you all needed some more work. I sure did! So here you are!</div>
<div><br>
</div>
<div><a href="https://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/trouble/12_5_1/fieldNotice/cucm_b_fn-secure-ldap-mandatory-ad.html" target="_blank">https://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/trouble/12_5_1/fieldNotice/cucm_b_fn-secure-ldap-mandatory-ad.html</a> </div>
<div><br>
</div>
<div>I'm interested in any early thoughts on other integrations--vCenter, ISE, VPN, TACACS, etc. I assume it applies across the board. </div>
<div><br>
</div>
<div>Thanks,</div>
<div><br>
</div>
<div>James</div>
<div> <br>
</div>
</div>
</div>
</div>
</div>
</blockquote>
<blockquote type="cite">
<div dir="ltr"><span>_______________________________________________</span><br>
<span>cisco-voip mailing list</span><br>
<span><a href="mailto:cisco-voip@puck.nether.net" target="_blank">cisco-voip@puck.nether.net</a></span><br>
<span><a href="https://puck.nether.net/mailman/listinfo/cisco-voip" target="_blank">https://puck.nether.net/mailman/listinfo/cisco-voip</a></span><br>
</div>
</blockquote>
</div>
</div>
</div>

</blockquote></div>
</blockquote></div>
</blockquote></div>
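<p>The difference between trusting the chain and checking the name, which this thread turns on, shown as an added Python example (not part of the original messages and not CUCM's code). The certificate, the host name <code>dc01.corp.example</code>, the address <code>192.0.2.10</code> and the <code>chain_trusted</code> flag, which stands in for path validation against a loaded root, are constructed assumptions.</p>

```python
import ipaddress
import ssl

# Constructed sample in the dict shape returned by ssl.SSLSocket.getpeercert():
# a domain controller certificate that carries only a DNS name.
DC_CERT = {
    "subject": ((("commonName", "dc01.corp.example"),),),
    "subjectAltName": (("DNS", "dc01.corp.example"),),
}


def _dns_match(pattern, host):
    """Case-insensitive match; '*' may replace the whole left-most label only."""
    p_labels = pattern.lower().rstrip(".").split(".")
    h_labels = host.lower().rstrip(".").split(".")
    if len(p_labels) != len(h_labels):
        return False
    if p_labels[0] == "*":
        return len(p_labels) > 2 and p_labels[1:] == h_labels[1:]
    return p_labels == h_labels


def name_matches(cert, configured_server):
    """Does the certificate identify the server as the client configured it?"""
    sans = cert.get("subjectAltName", ())
    try:
        wanted_ip = ipaddress.ip_address(configured_server)
    except ValueError:
        wanted_ip = None
    if wanted_ip is not None:
        # An IP literal is satisfied only by an iPAddress SAN, never a DNS name.
        return any(kind == "IP Address" and ipaddress.ip_address(value) == wanted_ip
                   for kind, value in sans)
    return any(kind == "DNS" and _dns_match(value, configured_server)
               for kind, value in sans)


def accepts(cert, configured_server, chain_trusted, check_names):
    """Client decision under the two policies discussed in the thread."""
    if not chain_trusted:          # untrusted chain fails under either policy
        return False
    return name_matches(cert, configured_server) if check_names else True


def client_context(check_names):
    """The same two policies expressed as Python ssl client settings."""
    ctx = ssl.create_default_context()   # CERT_REQUIRED, check_hostname=True
    ctx.check_hostname = check_names     # False leaves chain-only validation
    return ctx
```

<p>With name checking off, any certificate that chains to a trusted root is accepted for any configured address, which is why the switch from FQDN to IP address goes unnoticed.</p>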