password lifetime policy on ACS 5.1

Unanswered Question
Dec 15th, 2009
User Badges:

Hi !

I find option for configure beavior of the ACS when expired password was'nt changed for a specific user, but were are defined the other lifetime password option maximum and minimum password lifetime ?  I had find for administrator user of the ACS but nothing about users....

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
sapatel Tue, 12/15/2009 - 12:45
User Badges:
  • Cisco Employee,

I think you're talking about a 'grace' period for users with expired passwords. Such an option is not available in ACS 5.

xine xine Wed, 12/16/2009 - 03:06
User Badges:

Hi !

I talking about lifetime password itself not a grace period.  I had understand the grace period was supported based on setting in System administration|Users|Authentication settings|advanced tab

Password Lifetime

   Users can be required to periodically change password

Disable user account after
days if password was not changed
Display reminder after

I was understand thoses setting are used to defined a grace period, but if I'm to define a grace period for modifying password after it's expiration where I can defined expiration password itself.

I would like to defined user cannot change password under 1 day on age and should modify password after 1 month or 1 year on ages !  (the internal user password will be used only in failed over condition, normally OTP technology with be used to authenticate users sessions)

sapatel Wed, 12/16/2009 - 16:31
User Badges:
  • Cisco Employee,

You cannot specify the number of days before which a user cannot change his password. You can specify after how many days a password will expire:

"Disable user accout after 30 days if password was not changed"


This Discussion