Guest

Preview Tool

Cisco Bug: CSCvv98289 - Need LDAP SASL Bind support in PCP

Last Modified

Oct 08, 2020

Products (1)

  • Cisco Prime Collaboration

Known Affected Releases

12.6SU2

Description (partial)

Symptom:
Need LDAP SASL Bind support in PCP

Right now LDAP supports only simple bind
	    env.put(Context.SECURITY_AUTHENTICATION, "simple");
PCP should also support  SASL for example
env.put(Context.SECURITY_AUTHENTICATION, "DIGEST-MD5 GSSAPI");

Below links proivde info on changes in LDAP signing
https://support.microsoft.com/en-us/help/4520412/2020-ldap-channel-binding-and-ldap-signing-requirements-for-windows
https://secureinfra.blog/2019/08/03/step-by-step-enforce-require-ldap-signing-on-domain-controllers-part-1/
https://docs.oracle.com/javase/jndi/tutorial/ldap/security/sasl.html

Customer have disabled simplebind , and have enabled SASL bind (Kerberos). 
After this syncs have stopped working
PCP should support this as well.
There should be a way in UI to select what kind of bind customer wants to use.

Conditions:
Need LDAP SASL Bind support in PCP

Right now LDAP supports only simple bind
	    env.put(Context.SECURITY_AUTHENTICATION, "simple");
PCP should also support  SASL for example
env.put(Context.SECURITY_AUTHENTICATION, "DIGEST-MD5 GSSAPI");

Below links proivde info on changes in LDAP signing
https://support.microsoft.com/en-us/help/4520412/2020-ldap-channel-binding-and-ldap-signing-requirements-for-windows
https://secureinfra.blog/2019/08/03/step-by-step-enforce-require-ldap-signing-on-domain-controllers-part-1/
https://docs.oracle.com/javase/jndi/tutorial/ldap/security/sasl.html

Customer have disabled simplebind , and have enabled SASL bind (Kerberos). 
After this syncs have stopped working
PCP should support this as well.
There should be a way in UI to select what kind of bind customer wants to use.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.