ACS SE 4.2: Password Expiry/Change over SSH

Answered Question
Aug 5th, 2008

I am having a hard time to get a "simple" password change working.

What i am trying to achieve:

Create Account in ACS with username and Password. Group Settings are "change Password on first login".

The first login with Telnet works and prompts for a password change. But who is willing to use Telnet these days?

Same test with SSH first login -> Access Denied.

The result is that ACS reports the user as "Expired".

Is this a Layer8 configuration Problem, a bug in ACS or IOS or is it simply not possible?

I am currently testing on WS-C4948 running 12.2(25)EWA11.

Thanks for reading


I have this problem too.
0 votes
Correct Answer by Jagdeep Gambhir about 8 years 2 months ago

For TACACS+ with SSH password aging, one-time password change etc are supported by

CSCin91851. The fix is integrated in version 12.4(10.01)T.



Do rate helpful posts

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Roble Mumin Tue, 08/05/2008 - 21:05

Hey JG,

thanks for the info. A bug makes sense as this problem was kind of strange.



This Discussion