e-mail reminder\alert setting in ACS

Unanswered Question
Aug 27th, 2009
User Badges:

I have Cisco ACS4.2 with UCP installed on windows server. It use internal DB and not associated with any external DB. I want to send this message to all User for reminding there password change action.

"This is a reminder that you have not changed your Cisco ACS password in

the past 60 days.You must change your password within the next 15 days to keep your account active"


How can I configure the ACS for this e-mail alert\reminder

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jatin Katyal Thu, 08/27/2009 - 04:11
User Badges:
  • Cisco Employee,

Hi Vinay,


Using UCP web-based utility, its not possible to send a notification/alert/email to acs internal users that your account password is going to be expired in N number of days.


What is UCP?


You use the UCP application to allow users to change their ACS passwords with a web-based utility. When users need to change passwords, they can access the UCP web page by using a supported web browser. For information about web browsers that we tested with ACS, see the release notes for your ACS product.


The UCP web page requires users to log in. The required password is the Password Authentication Protocol (PAP) password for the user account. UCP authenticates the user with ACS and then allows the user to specify a new password. UCP changes the user's PAP and Challenge Handshake Authentication Protocol (CHAP) passwords to the new password.


Configuring and installing UCP:


http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.2/installation/guide/user_passwords/ucp.html


In case we want users to get an alert before their accounts get expired, then you need to configure Password aging rule on the ACS.


You can go through it:


http://www.cisco.com/en/US/partner/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.2/user/guide/GrpMgt.html#wp525115


So Users will only be prompted, if they are doing a telnet and dial-in,

and they'll will be only prompted when they try to log in. otherwise,

they will never get any alert, and if they are not dialing-in or doing a

telnet, they will never get prompted to change the password.


HTH


Regards,

JK

vinay.kumar.dub... Thu, 08/27/2009 - 05:01
User Badges:

Thanks JK...I know the UCP is for users to change there password only and simplify the Admin task.

I want to know about this e-mail reminder configuration in ACS? The users should get alert based on the pw expiry time limit congfigured in there account. Previouely,it was available but after some server migration, we lost that setting. Could u help here to understand the setting?

Jatin Katyal Wed, 09/02/2009 - 12:04
User Badges:
  • Cisco Employee,

I have never seen this option where users gets an email that his/her password is go'nna expire in N number of days.


In ACS, there is only one option where you can mention the user/alias email address under system configuration > ACS Active Service Management Setup > Email notification of event.


HTH


Regards,

JK

Actions

This Discussion