Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

Bronze

UC Service User Account Password

Hello Folks,

We would like to implement a procedure in order to be able to periodically change the Service User Account Password (once a year). First of all, is this a recommanded practice? If not, what are the inconveniences? If yes, could you please let me know what would be the best way of accomplishing this task. As Service Acount User, I am refering to AXLAPI_User,  CER_AXLUser, CUCService etc....

Thanks,

 

MK

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

No, why would you see that???

No, why would you see that???? CUCM really has no idea whatsoever what app is using it, to show you the name of the app.

If it registers something like CER, then you would see the registration of CTI RP/ports, then you would need to go and find out who owns the ip you see, but for example, CUACS does not register anything, and it still uses one user. They should have documented what each of the users does.

HTH

java

if this helps, please rate

www.cisco.com/go/pdi
8 REPLIES
Cisco Employee

We have no official

We have no official recommendation around that, it's pretty much up to you, or your customer's security policies.

The change is rather trivial, go to the user, change the pwd and save, that's it, then just make sure to change it anywhere else you're using it (CER, AC, etc)

HTH

java

if this helps, please rate

www.cisco.com/go/pdi
Bronze

Thanks Jaime,This has been

Thanks Jaime,

This has been required by the management but I still can't understand why would we need to change those Application Users Password. Each of those users has many dependencies!!!! Is there any way that those credentials can be divuged to outside people?

Is there a way to automate this process from CM that asks for a password change once every 12 months?

 

Thanks,

 

MK

There is no way to automate

There is no way to automate the process.

Please rate useful posts.
Bronze

Thanks George,When I open the

Thanks George,

When I open the Application User (i.e. AXLAPI_User) and click on the Dependency Records, I was expecting to see a list of the servers using this Application User but it looks like this is not the case. How would that be possible to identify the associated applications with a given Application User?

 

Thanks,

 

MK

Cisco Employee

No, why would you see that???

No, why would you see that???? CUCM really has no idea whatsoever what app is using it, to show you the name of the app.

If it registers something like CER, then you would see the registration of CTI RP/ports, then you would need to go and find out who owns the ip you see, but for example, CUACS does not register anything, and it still uses one user. They should have documented what each of the users does.

HTH

java

if this helps, please rate

www.cisco.com/go/pdi
Bronze

Thanks Jaime, your help is

Thanks Jaime, your help is very much appreciated.

MK

Bronze

One last question guys,What

One last question guys,

What would we gain by changing the Application Users Password? for me, it's just creating hassles for support people. Am I mistaken?

 

Thanks,

 

MK

Pretty much. :P

Pretty much. :P

Please rate useful posts.
70
Views
10
Helpful
8
Replies