
Cisco ACS 4.0 not recognizing AD 2k3 password change

ktokashhh
Level 1

I have a pair of ACS appliances (Release 4.0(1) Build 44) running TACACS+ (mostly) smoothly; however, I changed my password recently and TACACS+ still requires that I use the previous one. This is a new deployment so I haven't dealt with this issue previously.

Other relevant details:

- Groups are all taken care of on the appliances, I am only using AD for password management.

- There are two agents passing the credentials to AD, both appliances use the same primary, and fall back to the same backup.

My question is simple - is there something I missed that I have to do after password changes? We have consultants that we're going to have use this Tac config as well so it's imperative that any weirdness like this gets ironed out up front.

2 Replies

darpotter
Level 5

On the face of it... sounds like a classic case of password propagation delay.

Is there a chance the ACS is pointing to a different AD server to the one you changed your password on?

That hadn't occurred to me since I changed my password yesterday and ran into this today (12+ hours later), but you reminded me that we're using two different domains. After talking to our MS admins it looks like the domains are not sharing password information (duh...). Thanks for the thought train.