When you configure SASL in UVMS, the password is stored reversibly?
Article ID: 87311
Updated On:
Products
CA Automic Dollar Universe
Issue/Introduction
Error Message :
N/A
Patch level detected:Univiewer Management Server 6.3.01
Product Version: Dollar.Universe 6.3.01
Description :In the ldap.xml configuration file (UniViewer 6 - Administrator Guide described in section: "LDAP Configuration File"), securityAuthentication must be set to DIGEST-MD5 In this case:
-The LDAP server must be configured to support SASL.
-The user password must be stored using reversible encryption ("Store password using reversible encryption").
-Connection to the LDAP server uses the usersAttributeI field of the ldap.xml file. For instance, in the case of the Active Directory use: usersAttributeId=sAMAccountName.
THIS SUGGESTS THAT THE PASSWORD IS STORED REVERSIBLY
N/A
Patch level detected:Univiewer Management Server 6.3.01
Product Version: Dollar.Universe 6.3.01
Description :In the ldap.xml configuration file (UniViewer 6 - Administrator Guide described in section: "LDAP Configuration File"), securityAuthentication must be set to DIGEST-MD5 In this case:
-The LDAP server must be configured to support SASL.
-The user password must be stored using reversible encryption ("Store password using reversible encryption").
-Connection to the LDAP server uses the usersAttributeI field of the ldap.xml file. For instance, in the case of the Active Directory use: usersAttributeId=sAMAccountName.
THIS SUGGESTS THAT THE PASSWORD IS STORED REVERSIBLY
Cause
Cause type:
By design
Root Cause: N/A
By design
Root Cause: N/A
Environment
OS: All
Resolution
Regarding the step:
-The user password must be stored using reversible encryption ("Store password using reversible encryption")
This is only required for the consultation login password (read only user), and it means that is not stored.
A hash is sent for the authentication, and that means that the password will not be reversible, so there is nothing to fear.
Fix Status: Released
Fix Version(s):
Component: Univiewer.Management.Server
Version: Dollar.Universe 6.3.01
-The user password must be stored using reversible encryption ("Store password using reversible encryption")
This is only required for the consultation login password (read only user), and it means that is not stored.
A hash is sent for the authentication, and that means that the password will not be reversible, so there is nothing to fear.
Fix Status: Released
Fix Version(s):
Component: Univiewer.Management.Server
Version: Dollar.Universe 6.3.01
Additional Information
Workaround :
N/A
N/A
Feedback
Yes
No
Powered by
