Why does callmanager does not change the password of sa after the install? It asks for SQL password and still the sa passwors is blank and any odbc source can connect to the callmanager database when connecting to it??
why such a big security hole? any reason behind it? what can we do to secure callmanager database?
The SA password is an SQL only password, and is not altered in anyway during an Administrator password change. Changing the SA password is OK, however it is detailed on how to do this in Microsoft's documentation under the MSSQL Server 7.0, under Books Online due to the fact that it does not really factor into day-to-day CallManager issues.
Starting with 4.0, the database gets installed using NT authentication instead of the SQL sa authentication, unless you do a co-resident install with IPCC and then I am pretty sure it changes it to mixed mode. I am surprised you actually get into the database with blank sa password:
In order to make administration of Cisco CallManager 4.0 easier, authentication has changed from 'SQL Server and Windows' to a 'Windows Only' authentication. In the past, a separate account and password was required in order to access the SQL database on the Cisco CallManager server after the initial Windows logon to the server. In Cisco CallManager 4.0, you only need to logon to Windows in order to gain access to the SQL database. This was done so users would not have to remember their SQL Server system administrator (SA) passwords after their initial install. For additional information refer to the Cisco CallManager Installation Documentation
You did not mention what release of CCM you were running. There was a bug in some release where the SA password would not be set, left blank. You should be prompted at the beginning of the install to set an SA password. Once the install is complete the passsword you selected should be set.
The SA password can be changed in SQL Enterprise Manager, make sure that the SA account is the same on all nodes.
The short answer is that you don't.... That isn't entirely true while at
the same time it kind of is, but for the most part you don't configure
the softkeys. You enable or disable them via TCL. Here is the long
answer. Be sure to read the whole thing or e...
Topology: IP Phone > Switches > Microsoft NPS setup to forward 802.1x
proxy to > ISE 2.1 patch 3 Authentication: EAP-TLS using Cisco MIC SANs
Phone Models 802.1X support? 802.1x flavor Addtl Comment EAP-MD5 EAP-TLS
Cisco 3905 Y Y N Cisco 6911 Y Y N Cisco ...
This document describe how DST changes and how time changes are
implemented in DST. Daylight Saving Time (DST) is the practice of
setting the clocks forward 1 hour from standard time during the summer
months, and back again in the fall, in order to make b...