Troubleshooting Cisco Secure ACS on Windows - Q&A clarification.

Unanswered Question
May 17th, 2007

In a Cisco Press publication "Troubleshooting Cisco Secure ACS on Windows" (http://www.ciscopress.com/articles/article.asp?p=474238&seqNum=6&rl=1), I read the following question:

How can I disable the users' option to change the password by using Telnet to access the router?

It has an answer describing certain details. However, the question itself is not clear to me. Could someone explain them a little more clearly?

Thanks.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
darpotter Thu, 05/17/2007 - 12:48

At the command prompt on a router its possible to start a password change request over TACACS to the ACS server.

I think you enter an empty password twice as I recall.

This can cause problems if users change their password on a "slave" ACS which is then replicated to from a "master" thus setting the password back to its pre-changed value.

pkapoor Thu, 05/17/2007 - 12:55

Thanks for your input.

Can you tell me how, once at a router command line, can I initiate this request to change the password on the ACS server?

Actions

This Discussion