About GeorgePerkins0204

GeorgePerkins0204 · 01-12-2024

I cannot find documentation or blogs or tips where I turn off NTLM authentication in ISE. Like the original post, we are a customer that needs to turn off NTLM on all domain devices and users. Audit of NTLM group policy settings are enabled to find a...

GeorgePerkins0204 · 11-14-2023

This bug CSCwa45730 [Known Fixed Releases] contains 5.0(1c) as fixed. This is incorrect. I opened a Cisco HXDP support case to clarify and indeed, 5.0(1c) is vulnerable. Only HXDP containing ESXi 7.0U3i or later with an upgrade to HXDP 5.0(2a) or la...

GeorgePerkins0204 · 10-13-2023

For unknown reasons, a blade in a slot has become status "Needs Resolution" with the UCSM errors shown below. Hardware is no longer on SmartNet support, can't call in a new case. N20-C6508UCS B200 M4 Warning is being raised and cleared every 20 minu...

GeorgePerkins0204 · 10-03-2023

We see this on M6 (PID UCSC-C240-M6SN) as Fault F1945 in UCS Manager on all NVMe drives/controllers.Applicable?Will Cisco develop a fix?If it is occurring on M5 and M6 seems that Cisco should respond with a firmware fix.Support is asking us to "try ...

GeorgePerkins0204 · 12-01-2022

Just to clarify, this bug is occuring on both M5 and M6.In our case, HyperFlex Optane/NVMe M6 H240c (two clusters, 8 nodes) continue to get this error although it does not cause an operational problem (only the BMC management processor is reset and u...

GeorgePerkins0204 · 01-18-2024

Link directly to BRKSEC-2705

GeorgePerkins0204 · 01-16-2024

You are confirming what I think I have surmised in my readings elsewhere. But I'm afraid it is mostly alphabet soup to me. Which is why I had hoped Cisco could provide a document, white paper, KB, -=something=- that explains this in sufficient detail...

GeorgePerkins0204 · 01-16-2024

>>> Out of curiosity, why are you asked to disable NTLM on all domain devices? <<<NTLM is vulnerable to man-in-the-middle attacks (among other issues) and is widely understood to be insecure. Auditors require plans to decommission its use. Microsoft'...

GeorgePerkins0204 · 01-16-2024

I believe there is some confusion here on what I'm asking for.1. We can use LDAP or an IDP or local accounts for logging into the ISE admin portal (for network and security admins to login and manage ISE or use ISE reports, etc.) and avoid NTLM. This...

GeorgePerkins0204 · 01-12-2024

I have started a new topic since the above reply is to an old, closed thread. Please see: turn-off-ntlm-in-ise-use-kerberos-instead

Member Since	‎07-17-2019 01:49 PM
Date Last Visited
Posts	34
Total Helpful Votes Received	15

User Statistics

User Activity

Turn off NTLM in ISE, Use Kerberos instead.

CSCwa45730 - Linux kernel soft lockup Hyperflex Storage Controller VM

Impact of Resolve Slot Issue Mismatch Identity Unestablishable

CSCwd65819 NVMe non-optimal state F1945 M5, M6

CSCvw46317 - Error F0322 BMC watchdog resets CIMC Unexpectedly

Re: Turn off NTLM in ISE, Use Kerberos instead.

Re: Turn off NTLM in ISE, Use Kerberos instead.

Re: Turn off NTLM in ISE, Use Kerberos instead.

Re: Turn off NTLM in ISE, Use Kerberos instead.

Re: ISE and Kerberos only AD