ACS 'Password Change Rule' doesn't work with telnet

Answered Question
Jan 29th, 2009

Hello:

I am trying to configure that users have to change their passwords when they enter to a network appliance the first time they log in.

I have an ACS 4.0 appliance, the option "Disable TELNET Change Password against this ACS and return the following message to the users telnet session" is disable. When I try to enter to a Catalyst 6500, for instance, I type user and pass and I get Rejected (RADIUS is the protocol used).

In the ACS' reports I can see it appears the next error 'Authen Failed - CS Password Expired'.

I only have enabled the option "Apply password change rule" in Group Settings, the others options for "Password Aging Rules" are deactivated.

Thanks for your help,

Francisco

I have this problem too.
0 votes
Correct Answer by darpotter about 7 years 10 months ago

You'll need to be using TACACS+ to get password change to work.

Doesnt work with RADIUS.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
darpotter Thu, 01/29/2009 - 11:44

You'll need to be using TACACS+ to get password change to work.

Doesnt work with RADIUS.

Actions

This Discussion