Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

AAA ACS 3.3 Password enforcement problems

Hi everyone,

Under Password Aging Rules I have "Apply Password change rule" enabled but the user does not get a message to change the password. Instead it disables the account after the user logs in once.

Any help would be much appreciated

Thanks

1 REPLY

Re: AAA ACS 3.3 Password enforcement problems

To configure the password expiry, please follow these steps : - On the ACS server, system configurations > Local Password Managment > uncheck the check box " Disable Telnet Change Password against the ACS ". Now on the group setup set up the password aging parameters.

To support password-aging using Windows active directory we need to have AAA client configured for radius.

Below link gives more information on this.

http://www.cisco.com/univercd/cc/td/doc/product/access/acs_soft/csacs4nt/acs33/user/g.htm#wp479732

For password expiry to work with tacacs we need to have the username and passwords configured locally on the ACS server.

http://www.cisco.com/univercd/cc/td/doc/product/access/acs_soft/csacs4nt/acs33/user/o.htm#wp792652

Regards,

~JG

Do rate helpful posts

122
Views
0
Helpful
1
Replies