dot1x, Cisco ACS and AD problem in password changes

Apr 28th, 2009

Hi, I configured 802.1X authentication with Cisco Secure ACS 4.2 that is synced with Active Directory. Everything is OK except that when I change the password of a user in AD, the user can still log in with the old password on the client PC, while if he/she uses a different workstation, he/she can log in with the new password. It seems it puts the old password in the local PC cache...

thanks,

Saeed Zamani

mattkaya56 Tue, 04/28/2009 - 11:35

I think this is because credentials are cached. To test the theory:

1) Wait for an arbitrary interval, say > 10 minutes, and retry. It should fail if you try to use the old credentials.

2) Reboot the switch. Retry; it should not allow it.


saeed-zamani Fri, 05/01/2009 - 11:48

No, I checked everything. The user can log in with the new password on other machines. I think it is because that machine is in unauthenticated mode; if a new user or administrator logs in on that machine, then that user can also log in with the new password.

Rgrds,

Saeed.
