Guest

Preview Tool

Cisco Bug: CSCvt43803 - Jabber 12.7 and below cannot use Service Account credentials from Service Profile

Last Modified

Sep 21, 2020

Products (1)

  • Cisco Jabber for Windows

Known Affected Releases

12.0(0) 12.0(1) 12.1 12.1(0) 12.1(0.1) 12.1(1) 12.1(2) 12.1(2.1) 12.1(2.2) 12.5(0) 12.5(1) 12.5(1.1) 12.5(1.2) 12.5(1.3) 12.5(1.4) 12.5(2) 12.6(0) 12.6(1) 12.6(1.1) 12.6(1.2) 12.6(2) 12.6(2.1) 12.6(2.2) 12.7(0) 12.7(1) 12.7(1.1) 12.8(1)

Description (partial)

Symptom:
With the new feature in CUCM 12.5.1Su2
Support for LDAP Credentials in Cisco Jabber Service Profile
https://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/rel_notes/12_5_1/SU2/cucm_b_release-notes-for-cucm-imp-1251su2/cucm_b_release-notes-for-cucm-imp-1251su2_chapter_01.html#concept_1EF96B79F39A94C5F5A9C23408F668E2

CUCM will now send the Service Account credentials in encrypted format to Jabber when Jabber downloads the service profile. 
Now since Jabber and CUCM does not have any key negotiation to decrypt this password, Jabber will pass on this encrypted password to AD which will result in connection failure. 

So from Jabber 12.8, we download the Service Account credentials also as part of User Profile after end-user authentication, this way it is made secure.

Now Jabber 12.7 and below does not download Service Account credentials as part of User Profile, it only downloads it from Service Profile which will result in connection failure with AD since password is encrypted. 

This has to be mentioned in our planning guide.

Conditions:
CUCM 12.5.1Su2 Service Account credentials in Service profile with Jabber 12.7 or lower.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.