cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1181
Views
0
Helpful
4
Replies

notification to users that password will expire

disailovic
Level 1
Level 1

Is there a way users can be notified that password from ACS will expire, when password aging rules is activated?

4 Replies 4

Premdeep Banga
Level 7
Level 7

Are the users doing telnet/ssh or are doing vpn/dial in/wireless access etc ?

What is the version of ACS ?

Regards,

Prem

Hi Prem,

ACS version is 4.1

My customer would like to have notification for all users, vpn/dial up/administrators...

Regards,

Dragana

Jagdeep Gambhir
Level 10
Level 10

I would like to know how user are joining the network ? ( like if users are logging via

telnet or VPN or PPP ) ACS supports four different password aging methods:

.PEAP and EAP-FAST Windows Password Aging-Users must be in the Windows user database and be using a Microsoft client that supports EAP, such as Windows XP. For information on the requirements and configuration of this password aging mechanism, see Enabling Password Aging for Users in Windows Databases.

.RADIUS-based Windows Password Aging-Users must be in the Windows user database and be

using the Windows Dial-up Networking (DUN) client. For information on the requirements and configuration of this password aging mechanism, see Enabling Password Aging for Users in Windows Databases.

.Password Aging for Device-hosted Sessions-Users must be in the CiscoSecure user database, the AAA client must be running TACACS+, and the connection must use Telnet. You can control the ability of users to change passwords during a device-hosted Telnet session. You can also control whether Cisco Secure ACS propagates passwords changed by this feature. For more information, see Local Password Management.

.Password Aging for Transit Sessions-Users must be in the CiscoSecure user database. Users must use a PPP dialup client. Further, the end-user client must have CiscoSecure

Authentication Agent (CAA) installed.

---> please also check:

http://www.cisco.com/univercd/cc/td/doc/product/access/acs_soft/csacs4nt/acs

33/user/g.htm#wp479534

Regards,

~JG

Do rate helpful posts

Hi JG,

my customer is using vpn, ppp dial in access with RADIUS, ssh/telnet with TACACS and local ACS data base. For all groups password aging is already applied.

They asked me if there is some way ACS database can be accessed and used by some custom made applicaton or script, so e-mail notification can be sent to users notifying them that there is X days until password expires.

Regards,

Dragana

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: