ACS 5.1 - Change a User password

Unanswered Question
Jul 16th, 2010
User Badges:

Hi,


Here's the scenario:

I'm using ACS for device Administrations (using TACACS+)


I'm using the internal identity store for users.

I've set user passwords to expire after x number of days (when the account will then be disabled).


How does the user, when he/she logs into a switch, then change their TACACS+ password?


I've tried entering the user name and then a blank password at the login prompt (which does then ask you to change your password), but this fails.


Surely there has to be an easy way to do this without getting an Admin to log into ACS and give them a new password?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3.5 (2 ratings)
Loading.
Ganesh Hariharan Fri, 07/16/2010 - 11:08
User Badges:
  • Purple, 4500 points or more
  • Community Spotlight Award,

    Member's Choice, February 2016

Hi,


Here's the scenario:

I'm using ACS for device Administrations (using TACACS+)


I'm using the internal identity store for users.

I've set user passwords to expire after x number of days (when the account will then be disabled).


How does the user, when he/she logs into a switch, then change their TACACS+ password?


I've tried entering the user name and then a blank password at the login prompt (which does then ask you to change your password), but this fails.


Surely there has to be an easy way to do this without getting an Admin to log into ACS and give them a new password?


Hi,


For User change password with ACS 5.1 try the following steps for GUI based passord change mechanism.


     1. Use command acs config-web-interface ucp enable on ACS console.
     2. Install Apache Tomcat (http://tomcat.apache.org/download-60.cgi) and J2SE on dedicate web server.
     3. Download UCP example from ACS web console (System Administration > Downloads > UCP web application example).
     4. Extact UCP.zip and put it into the Apache path (Ex. C:\Tomcat 6.0\webapps\ROOT\)
     5. Restart Apache service.


http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_system/5.1/sdk/ucp.html


Hope to Help !!


Ganesh.H


Remember to rate the helpful post

hugh.turner Tue, 07/27/2010 - 07:10
User Badges:

Ganesh, many thanks for the response.


I was hoping that there was a way to change the user password without using the web-based solution, because it means we have to have a separate server to faciliate this.


If anyone else knows of way to change the user password without the UCP web GUI, (i.e. just from their terminal session) then please let me know.



Hugh.

Ganesh Hariharan Thu, 07/29/2010 - 00:12
User Badges:
  • Purple, 4500 points or more
  • Community Spotlight Award,

    Member's Choice, February 2016

Ganesh, many thanks for the response.


I was hoping that there was a way to change the user password without using the web-based solution, because it means we have to have a separate server to faciliate this.


If anyone else knows of way to change the user password without the UCP web GUI, (i.e. just from their terminal session) then please let me know.



Hugh.

Hi Hugh,


Is that any error throws when you try to change the password for the user after entering the new password or just check under system configuration--local password management-- a uncheck should be there for changing password via telenet (The following step is for ACS 4.2 hope more or less would be same for 5.1)


Hope to Help !!


Ganesh.H

Actions

This Discussion