12-18-2008 02:29 PM - edited 03-10-2019 04:14 PM
Is there a way I can set up a user in ACS, and put a temporary password. As soon as this user logs in into the first device (router, firewall, etc) The device will ask him to change the password. This is for Management Purposes and I'm using the Internal Database for this.
Thanks in advance, for your help.
12-24-2008 07:22 AM
No its not possible as use in ACS to set temporary password.
12-24-2008 08:01 AM
Having done this a few weeks ago, I can say that
YES, IT CAN BE DONE EASILY.
Step #1: Create a group called test. In this
group, you will see "Passing Aging Rules".
Underneath that, you will see a check box to
force the user to change the password on the
first log-in after an administrator has changed it.
Step #2: Create a user say "cciesec". You
then associate this user with group "test".
Step #3: Under System Configuration, Local
Password Management, un-check "Remote Change
Password". This will allow user to change
password anytime they wish.
Step #4: Restart ACS service, no need to
reboot.
With the correct IOS image, you can even
change password via SSH in addition to telnet.
[Expert@P1-NGx]# telnet 192.168.15.248
Trying 192.168.15.248...
Connected to 192.168.15.248.
Escape character is '^]'.
User Access Verification
Username: ngx1
Password:
Your password has expired.
Enter a new one now.
New Password:
Re-enter New password:
Password Changed
C3640>
Easy right?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide