Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
CM 4.0.1 dadmin account and PIN 2
- Thread starter Doyaya
- Start date
-
2
- #2
- Thread starter
- #4
Don't know if it is still the same under R4,
but on earlier releases you'd get an extra field you could set in the 'login administration page' when loging in with craft or higher:
ACCESS SECURITY GATEWAY PARAMETERS
Access Security Gateway? y
This caused the system to ask for an ASG PIN.. on any account you flag for Y
but on earlier releases you'd get an extra field you could set in the 'login administration page' when loging in with craft or higher:
ACCESS SECURITY GATEWAY PARAMETERS
Access Security Gateway? y
This caused the system to ask for an ASG PIN.. on any account you flag for Y
Guys, reply from Avaya:
< From the documents I have access to it appears that this came out in CM4.0.1 which is the last GA release and is not specific to S8720 or any other hardware for that matter. It was more like a design oversight in CM4.0 allowing Customer with certain login accounts to take ownership of BP accounts and this looks to be the thing development could come up with to work around it. >
and from another e-mail:
< As for the PIN there is little I can do about it since this is not a bug or malfunctioning but a feature providing an additional layer of security. The purpose of this feature in a couple of words is the following:
New in CM4.0.1 is the support for external AAA servers (LDAP, etc). With this in place there is a need for additional security for BP logins so Customers cannot overwrite or get around the restrictions their login accounts are set to have. It is important that BP logs into CM first with dadmin so they get to set the new PIN which will be used for all consecutive sessions for dadmin. IF PIN is compromised it can be changed from SAT. This will not change or overwrite any permissions accounts have in CM.
A PSN on this will be released/published soon on the support.avaya.com website under CM4/Product Support Notices, here:
>
So I guess we're stuck with PIN...
Rgds,
David
< From the documents I have access to it appears that this came out in CM4.0.1 which is the last GA release and is not specific to S8720 or any other hardware for that matter. It was more like a design oversight in CM4.0 allowing Customer with certain login accounts to take ownership of BP accounts and this looks to be the thing development could come up with to work around it. >
and from another e-mail:
< As for the PIN there is little I can do about it since this is not a bug or malfunctioning but a feature providing an additional layer of security. The purpose of this feature in a couple of words is the following:
New in CM4.0.1 is the support for external AAA servers (LDAP, etc). With this in place there is a need for additional security for BP logins so Customers cannot overwrite or get around the restrictions their login accounts are set to have. It is important that BP logs into CM first with dadmin so they get to set the new PIN which will be used for all consecutive sessions for dadmin. IF PIN is compromised it can be changed from SAT. This will not change or overwrite any permissions accounts have in CM.
A PSN on this will be released/published soon on the support.avaya.com website under CM4/Product Support Notices, here:
>
So I guess we're stuck with PIN...
Rgds,
David
- Thread starter
- #7
- Status
Similar threads
- Question