AAA ACS 3.3 Password enforcement problems

Unanswered Question
Nov 19th, 2007
User Badges:

Hi everyone,


Under Password Aging Rules I have "Apply Password change rule" enabled but the user does not get a message to change the password. Instead it disables the account after the user logs in once.


Any help would be much appreciated


Thanks


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jagdeep Gambhir Mon, 11/19/2007 - 13:46
User Badges:
  • Red, 2250 points or more

To configure the password expiry, please follow these steps : - On the ACS server, system configurations > Local Password Managment > uncheck the check box " Disable Telnet Change Password against the ACS ". Now on the group setup set up the password aging parameters.


To support password-aging using Windows active directory we need to have AAA client configured for radius.


Below link gives more information on this.

http://www.cisco.com/univercd/cc/td/doc/product/access/acs_soft/csacs4nt/acs33/user/g.htm#wp479732

For password expiry to work with tacacs we need to have the username and passwords configured locally on the ACS server.

http://www.cisco.com/univercd/cc/td/doc/product/access/acs_soft/csacs4nt/acs33/user/o.htm#wp792652


Regards,

~JG


Do rate helpful posts

Actions

This Discussion