I have a question that hopefully someone can help me with. I have about 400-500 Unity 3.1(3) subscribers who are voice mail only. There are also about a dozen unified messaging subscribers but I think they aren't involved in this. The problem is that Unity creates a Windows account (which are in our organization's Active Directory -- we have prefixed each of them with "zz" to differentiate them) and assigns it the default password. From what I can tell, that is the last time that Unity touches them since after looking at a number of these accounts I have found that their passwords are unchanged (we enforce periodic voice mail password changes).
Obviously, having all these accounts hanging around with rather simple passwords is a security risk so I'm wondering if I can simply disable the lot of them. I've tried it on a test account and its voice mail appears to continue to work without problems. However, looking into the event logs on our Unity server, I also noticed that the test user that I had disabled was causing this error to be reported:
Event Type: Error
Event Source: MSExchangeIS Mailbox Store
Event Category: Logons
Event ID: 1022
Time: 4:05:35 AM
Logon Failure on database "First Storage Group\Private Information Store (UNITY)" - Windows 2000 account TOWNE_CENTER\unity_us; mailbox /o=Ligand Pharmaceuticals/ou=TOWNE_CENTER/cn=Recipients/cn=zzDoeAaron.
Before I do anything so sweeping as to disable all those "zz" accounts I would like to get some feedback on this. Will this work? Will Unity continue to work for these folks? Is there perhaps an easier way to secure these accounts? If disabling all of the accounts will multiply this error by a factor of 400-500, that would not be desirable. Any help would be greatly appreciated.
Going by the error you received when you deleted the test account, I would not recommend deleting those accounts, those accounts appear to be the accounts that are associated with the mailboxes that Unity uses for their message store. It makes since that you do not have duplicate accounts for the Unified users, since they would use the same account and mailbox, but for the VM only users, they need two different accounts and mailboxes.
The password setting, if done in AD does not take effect for Unity, only if they would use that account to log onto your network.
You have reached the Cisco Logistics Support Center.. To Check Status of
your RMA, visit Product Returns & Replacements (RMA). Need help? Contact
us by Phone or Email. North Americas Phone: 1800 553 2447 Option 4
Email: email@example.com Europe Phone: +3...
The short answer is that you don't.... That isn't entirely true while at
the same time it kind of is, but for the most part you don't configure
the softkeys. You enable or disable them via TCL. Here is the long
answer. Be sure to read the whole thing or e...
Topology: IP Phone > Switches > Microsoft NPS setup to forward 802.1x
proxy to > ISE 2.1 patch 3 Authentication: EAP-TLS using Cisco MIC SANs
Phone Models 802.1X support? 802.1x flavor Addtl Comment EAP-MD5 EAP-TLS
Cisco 3905 Y Y N Cisco 6911 Y Y N Cisco ...