ACS banner to inform user in how to change password

Unanswered Question
Sep 27th, 2010

I'm getting a lot of questions from my operators that they do not know how to change their password when they see the TACACS warning message that their account will expire soon.

I would like to have an auto banner setup so when a user who's password is about to expire logs into a Cisco router/switch, they will see a banner like the following:

Password about to expire. Please change your password.

To change password, hit <enter> at password prompt and system will prompt for your current password and ask for new password

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
shilgupt Sun, 10/03/2010 - 04:17
[1]About the password change, there is an option that you can use, however it's only for users that exists on the 
ACS internal database, it's called User  hangeable Password (UCP),  here is the information about it:

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.2/installation/guide/user_passwords/ucp.html

[2]However if the users exists on the external database, some of conditions are met.
These are specified in the link below:-

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/3.3/user/guide/d.html#wp354279

When the conditions above are met and this feature  s enabled, users receive a dialog box prompting them to change their passwords upon their first successful authentication after their passwords have expired. The dialog box is the same as presented to users by Windows when a user with an expired password accesses a network via a  emote access server.

I hope it helps.

Actions

This Discussion