ACS user password expire

Unanswered Question
Feb 15th, 2010
User Badges:

Hello all

We have Cisco ACS 4.1 and we need to know how to configure the user passwords to expire at determinate time and ask the user to change it.

its that possible?



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
darpotter Mon, 02/15/2010 - 11:16
User Badges:
  • Silver, 250 points or more

Goto interface config and enable the password aging feature. You can make passwords age by use (ie set number of authentications) or by date - in your case you would want date. This is under system config as I recall, allthough it might be possible to set it up on a group by group basis.

Assuming your users are connecting to IOS devices by TACACS+ when the password is near to the expiry condition, ACS will start to send warnings that the password is about to expire. Once expired it will permit a specificied grace period after which the user is locked out.

The ACS online docs and user guide all document password aging.

arturo_triara Mon, 02/15/2010 - 14:58
User Badges:


i made the configuration on the interface config, and group Password Aging Rules

i configured Apply password change rule      to Forces the user to change the password on the first log-in after an administrator has changed it.

when i try to loggin to the switch it shows this:

Chpass is currently disabled.

What could be missing?




This Discussion