I am trying to configure that users have to change their passwords when they enter to a network appliance the first time they log in.
I have an ACS 4.0 appliance, the option "Disable TELNET Change Password against this ACS and return the following message to the users telnet session" is disable. When I try to enter to a Catalyst 6500, for instance, I type user and pass and I get Rejected (RADIUS is the protocol used).
In the ACS' reports I can see it appears the next error 'Authen Failed - CS Password Expired'.
I only have enabled the option "Apply password change rule" in Group Settings, the others options for "Password Aging Rules" are deactivated.
Thanks for your help,