Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

ACS 5.1 per user/per group differentiated password expiration settings


we are looking for feature present on ACS 4.x to have expiration defined per user or group. To my knowledge 5.1 has only global setting for user password expiration (password lifetime).

Current setup we have on 4.x is to have password aging set for most groups but one group of specific users have no password aging settings.

Any idea how to do this on 5.1? Your help is highly appreciated. Thanks.

Everyone's tags (3)
Cisco Employee

Re: ACS 5.1 per user/per group differentiated password expiratio

Hi, Matija,

Under System Administration -> Configuration -> Dictionaries -> Identity -> Internal Users you can configure Expiration Date attribute.

To set up different password expiration values for many users at once, you can use .csv file. To download template, click "Import" on the page User and Identity Stores -> Internal Identity Stores -> Users. After you download the template, fill it in with your user data and upload back to ACS. There will be "Expiration Date" column.

See Performing Bulk Operations for Network Resources and Users section of Managing Network Resources chapter of User Guide for the Cisco Secure Access Control System for details.

Hope that's you're looking for...

Cheers, Iron


If  this helps you and/or answers your question please mark the question  as  "answered" and/or rate it, so other users can easily find it.

New Member

Re: ACS 5.1 per user/per group differentiated password expiratio

Hi Iilyinas,

this is not what I was looking for. It seems as adding a cosmetic field that has no implications on password expiry.

CreatePlease to create content