Security Vulnerability: GroupWise Vulnerability in eDirectory Authentication Mechanism
This document (7010773) is provided subject to the disclaimer at the end of this document.
The post office security level is set to "High"
The administrator has enabled eDirectory Authentication under the "High Security Options" settings of the post office.
The administrator has the enabled the "Use eDirectory authentication instead of password" option in ConsoleOne under GroupWise Utilities | Client Options | Security
1) Update both your GroupWise Post Office Agents (POA) and GroupWise client software to GroupWise 8.0 Support Pack 3 or GroupWise 2012 Support Pack 1
2) Prevent older clients from logging in by setting the "Minimum Client Release Date" option for each post office in ConsoleOne | <right-click on the Post Office> | Properties | Client Access Settings | Lock out Older GroupWise Clients and specifying a minimum client date of June 15, 2012 (or later).
If you are not able to immediately update your POA and client software and lockout older clients, you can secure your system by temporarily un-checking and locking the "Use eDirectory authentication instead of password" option in ConsoleOne under GroupWise Utilities | Client Options | Security (which will force users to authenticate with a GroupWise password).
For information on configuring the password settings for your GroupWise 8 post office, see the GroupWise 8 documentation at:
For information on configuring the password settings for your GroupWise 2012 post office, see the GroupWise 2012 documentation at: http://www.novell.com/documentation/groupwise2012/gw2012_guide_admin/?page=/documentation/groupwise2012/gw2012_guide_admin/data/a7q4wsn.html
Novell bug 765364
This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.
- Document ID:7010773
- Creation Date:11-SEP-12
- Modified Date:21-SEP-12
Did this document solve your problem? Provide Feedback