https://community.cisco.com/t5/collaboration-applications/limit-jabber-to-specific-endpoints/m-p/3485464#M32989 <HTML><HEAD></HEAD><BODY><P>Also allow me to add this is an on premise non cloud install</P></BODY></HTML> Thu, 19 Jan 2017 21:43:28 GMT rm760 2017-01-19T21:43:28Z https://community.cisco.com/t5/collaboration-applications/limit-jabber-to-specific-endpoints/m-p/3485461#M32986 <HTML><HEAD></HEAD><BODY><P>Hello</P><P>I have been asked if it is possible to limit Jabber registrations to devices provided by the employer.&nbsp; If such is possible, I would appreciate any direction given.&nbsp; </P></BODY></HTML> Mon, 18 Mar 2019 01:38:11 GMT https://community.cisco.com/t5/collaboration-applications/limit-jabber-to-specific-endpoints/m-p/3485461#M32986 rm760 2019-03-18T01:38:11Z https://community.cisco.com/t5/collaboration-applications/limit-jabber-to-specific-endpoints/m-p/3485462#M32987 <HTML><HEAD></HEAD><BODY><P>Ron</P><P></P><P>Today there isn't a perfect solution for this, user based policy enforcement and that too broken down by modality of communication like IM vs voice/video is on the roadmap. You can however use cert based auth with x8.9 and if you don't have the cert you won't login</P><P></P><P><A href="http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/jabber/11_7/cjab_b_planning-guide-jabber-117/cjab_b_planning-guide-jabber-117_chapter_011.html#reference_8078B490F394A2079E547BC7911DBCBD" title="http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/jabber/11_7/cjab_b_planning-guide-jabber-117/cjab_b_planning-guide-jabber-117_chapter_011.html#reference_8078B490F394A2079E547BC7911DBCBD">Planning Guide for Cisco Jabber 11.7 - User Management [Cisco Jabber for Windows] - Cisco</A></P></BODY></HTML> Thu, 19 Jan 2017 21:25:05 GMT https://community.cisco.com/t5/collaboration-applications/limit-jabber-to-specific-endpoints/m-p/3485462#M32987 skilambi 2017-01-19T21:25:05Z https://community.cisco.com/t5/collaboration-applications/limit-jabber-to-specific-endpoints/m-p/3485463#M32988 <HTML><HEAD></HEAD><BODY><P>Srinivasan</P><P>I did read this, but interpreted it to mean that the user would no longer require credentials.&nbsp; Is this correct?</P></BODY></HTML> Thu, 19 Jan 2017 21:36:16 GMT https://community.cisco.com/t5/collaboration-applications/limit-jabber-to-specific-endpoints/m-p/3485463#M32988 rm760 2017-01-19T21:36:16Z https://community.cisco.com/t5/collaboration-applications/limit-jabber-to-specific-endpoints/m-p/3485464#M32989 <HTML><HEAD></HEAD><BODY><P>Also allow me to add this is an on premise non cloud install</P></BODY></HTML> Thu, 19 Jan 2017 21:43:28 GMT https://community.cisco.com/t5/collaboration-applications/limit-jabber-to-specific-endpoints/m-p/3485464#M32989 rm760 2017-01-19T21:43:28Z https://community.cisco.com/t5/collaboration-applications/limit-jabber-to-specific-endpoints/m-p/3485465#M32990 <HTML><HEAD></HEAD><BODY><P>Yes uses expressway and your MDM solutions to push cert and of course UCM</P><P></P><P>Thanks</P><P>Srini</P></BODY></HTML> Thu, 19 Jan 2017 21:51:21 GMT https://community.cisco.com/t5/collaboration-applications/limit-jabber-to-specific-endpoints/m-p/3485465#M32990 skilambi 2017-01-19T21:51:21Z https://community.cisco.com/t5/collaboration-applications/limit-jabber-to-specific-endpoints/m-p/3485466#M32991 <HTML><HEAD></HEAD><BODY><P>The cert would identify the user so yes it's basically SSO with certs</P><P></P><P>Thanks</P><P>Srini</P></BODY></HTML> Fri, 20 Jan 2017 03:07:06 GMT https://community.cisco.com/t5/collaboration-applications/limit-jabber-to-specific-endpoints/m-p/3485466#M32991 skilambi 2017-01-20T03:07:06Z https://community.cisco.com/t5/collaboration-applications/limit-jabber-to-specific-endpoints/m-p/3485467#M32992 <HTML><HEAD></HEAD><BODY><P>Srinivasan</P><P>I have enabled SSO on VCS-E, VCS-C, and call manager.&nbsp; VCS is set for exclusive MRA mode. SSO IdP is ADFS 2.0.&nbsp; USers are logging in via SSO.&nbsp; They can still use personal devices without certs on them to login just by knowing their AD credentials.&nbsp; Do I need to expand the relay or CoT to include the CA cert provider?&nbsp; If so please do detail how to go about doing so.&nbsp; </P></BODY></HTML> Sat, 18 Feb 2017 21:47:53 GMT https://community.cisco.com/t5/collaboration-applications/limit-jabber-to-specific-endpoints/m-p/3485467#M32992 rm760 2017-02-18T21:47:53Z https://community.cisco.com/t5/collaboration-applications/limit-jabber-to-specific-endpoints/m-p/3485468#M32993 <HTML><HEAD></HEAD><BODY><P>Ron</P><P></P><P>Not sure since I don’t have a client who has deployed it yet. Maybe a case for TAC to check if this is working as designed. You would think without the certificate, the client won’t be allowed to login, if they found your password but I am not sure. I know more security policies through expressway are being planned like controlling user group access by type of communication but that shouldn’t stop this from working. Let me know what was the end result though?</P><P></P><P>Srini Kilambi</P></BODY></HTML> Sat, 18 Feb 2017 23:48:52 GMT https://community.cisco.com/t5/collaboration-applications/limit-jabber-to-specific-endpoints/m-p/3485468#M32993 skilambi 2017-02-18T23:48:52Z https://community.cisco.com/t5/collaboration-applications/limit-jabber-to-specific-endpoints/m-p/3485469#M32994 <HTML><HEAD></HEAD><BODY><P>Srini</P><P>I am thinking now along the lines of the IdP processing.&nbsp; Currently we are only doing form validation for credentials via Microsoft ADFS 2.0.&nbsp; I believe going to ADFS 4.0 and incorporating certificate validation is going to be the next step. </P></BODY></HTML> Sun, 19 Feb 2017 18:19:23 GMT https://community.cisco.com/t5/collaboration-applications/limit-jabber-to-specific-endpoints/m-p/3485469#M32994 rm760 2017-02-19T18:19:23Z