05-09-2013 09:48 AM - edited 03-18-2019 01:05 AM
All,
For those of you that have VCS-Es deployed on the public internet or in a DMZ, do you utilize LDAP authentication for admin purposes? If so how do you securely query your AD servers?
Is it safe to deploy the VCS-E in a DMZ and poke a hole from the DMZ to the LAN for the LDAP query?
Thank you,
Justin Ferello
Technical Support Specialist
KBZ, a Cisco Authorized Distributor
http://www.kbz.com
e/v: justin.ferello@kbz.com
05-09-2013 03:27 PM
VCS-E deployed in public, we do not use LDAP authentication for admin, only local database.
I've created a read-only account which the support staff can access, only problem I've found with that is that they can't use the tools.
/jens
06-14-2013 09:02 AM
Jens,
Yeah, that would be problem. This is kind of a huge issue for us. There are two issues with this.
1) There are no password requirements or change frequencies on the local accounts unless you get the JITC key, but not sure we can get that or what other issues that may cause.
2) We have at least 5 admins and use LDAP for most of our systems, plus we force password changes at set intervals, so it creates more work for our admins.
Thank you,
Justin Ferello
Technical Support Specialist
KBZ, a Cisco Authorized Distributor
http://www.kbz.com
e/v: justin.ferello@kbz.com
06-14-2013 09:37 AM
I guess thats a question your person responsible for IT security should answer.
Please remember to rate helpful responses and identify
06-14-2013 10:45 AM
Hi friends,
Let me give my opinion here:
What is the real need to operate VCSe? Monitor calls? Check registrations? Backup? You can do all these things via TMS. I dont think VCSe needs such operation that demands a LDAP integration.
Just my opinion...
Paulo Souza
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide