Lync update to support Lync Mobile (CU4 or CU5) and possible security concern - Edge Server

  • Question

  • I realize CU5 is out, but I wanted to make sure the below issue doesn't exist in CU5 before we update.

    This assumes that the issue below even exists.

    According to the comment at the bottom of the following page, there seems to be a security concern with CU4 and the edge server. Does anyone know if there is any validity to the post? Seems like if the issue did really exist, we'd see more on it.

    http://lyncinsider.com/instant-messaging/install-cumulative-update-4-to-prepare-lync-for-mobile-device-use/#comments

    Text quoted from above link

    "Has anyone noticed that after applying the latest lync updates to your edge servers you can now login with any user without a password? This started happening in our test environment after applying the update. I have checked with one of my peers who also runs a lync environment and he is having the same issue. He did not notice it until I pointed it out. You still have to type in a password for your director and front end pools. This is happening on our edge pool."

    Thanks

    Thursday, March 8, 2012 10:29 PM

All replies

  • Hi,

    The following is related to this, but I am not sure whether they have deployed CU5 or not. Have a look at this: http://social.technet.microsoft.com/Forums/en-US/ocssecurity/thread/d550265c-1a58-4cb9-9e75-33c21a45857c

    Also, I have found one issue; I think the same was happening with OCS, in which on the Edge server the internal certificate was installed on the Edge internal interface along with the name of the FE servers and Edge server names.

    Hope the above makes sense.


    If answer is helpful, please hit the green arrow on the left, or mark as answer. Salahuddin | Blogs:http://salahuddinkhatri.wordpress.com | MCITP Microsoft Lync

    Thursday, March 8, 2012 11:03 PM
  • Very interesting article.  Seems like it may not be CU4 that causes the issues, but instead a configuration issue that probably existed already (in regards to the person commenting on the lyncinsider article).

    I'd be curious to see if anyone else has seen this.

    Skhatri, too bad the thread you referenced does not have a resolution.

    Friday, March 9, 2012 12:27 AM
  • Hi,

    I didn't give the above reference for the solution. I gave the reference to make you aware that there are threads related to that.

    Also, I have deployed CU4 many times to many customers but I didn't have these issues.


    If answer is helpful, please hit the green arrow on the left, or mark as answer. Salahuddin | Blogs:http://salahuddinkhatri.wordpress.com | MCITP Microsoft Lync

    Friday, March 9, 2012 7:14 AM
  • Thank you, I understood your intent, I'm just bummed that the other thread doesn't show resolution. 

    Thanks again

    Friday, March 9, 2012 4:07 PM
  • Hi, the reason to mention the other thread is that you can also follow up with that, as MSFT is also involved in that case. Also, there are some other users who have posted their suggestions; you can also try those.


    If answer is helpful, please hit the green arrow on the left, or mark as answer. Salahuddin | Blogs:http://salahuddinkhatri.wordpress.com | MCITP Microsoft Lync

    Friday, March 9, 2012 9:36 PM
  • Hi there,

    I don't think it's caused by the update package but instead by misconfiguration. Like the thread SKHATRI quoted, some customers encountered this issue before they applied CU4, and most of those cases are caused by a wrong certificate on the Edge or trust server configuration.

    If you are concerned about it, you can try to build a test lab, then pilot it to your production environment after thorough testing.

    B/R

    Sharon


    Sharon Shen

    TechNet Community Support


    • Proposed as answer by Sharon.Shen Monday, April 2, 2012 6:26 AM
    Monday, March 12, 2012 8:48 AM