AAA ACS 3.3 Password enforcement problems

Unanswered Question
Nov 19th, 2007

Hi everyone,

Under Password Aging Rules I have "Apply Password change rule" enabled but the user does not get a message to change the password. Instead it disables the account after the user logs in once.

Any help would be much appreciated

Thanks

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jagdeep Gambhir Mon, 11/19/2007 - 13:46

To configure the password expiry, please follow these steps : - On the ACS server, system configurations > Local Password Managment > uncheck the check box " Disable Telnet Change Password against the ACS ". Now on the group setup set up the password aging parameters.

To support password-aging using Windows active directory we need to have AAA client configured for radius.

Below link gives more information on this.

http://www.cisco.com/univercd/cc/td/doc/product/access/acs_soft/csacs4nt/acs33/user/g.htm#wp479732

For password expiry to work with tacacs we need to have the username and passwords configured locally on the ACS server.

http://www.cisco.com/univercd/cc/td/doc/product/access/acs_soft/csacs4nt/acs33/user/o.htm#wp792652

Regards,

~JG

Do rate helpful posts

Actions

This Discussion