01-03-2007 01:48 PM - edited 03-10-2019 02:54 PM
I have a pair of ACS appliances (Release 4.0(1) Build 44) running Tacacs+ (mostly) smoothly, however I changed my password recently and Tacacs+ still requires that I use the previous one. This is a new deployment so I haven't dealt with this issue previously.
Other relevant details:
- Groups are all taken care of on the appliances, I am only using AD for password management.
- There are two agents passing the credentials to AD, both appliances use the same primary, and fall back to the same backup.
My question is simple - is there something I missed that I have to do after password changes? We have consultants that we're going to have use this Tac config as well so it's imperative that any weirdness like this gets ironed out up front.
01-03-2007 02:07 PM
On the face of it.. sounds like a classic case of password propogation delay.
Is there a chance the ACS is pointing to a different AD server to the one you changed your password on?
01-03-2007 02:43 PM
That hadn't occurred to me since I changed my password yesterday and ran into this today (12+ hours later), but you reminded me that we're using two different domains. After talking to our MS admins it looks like the domains are not sharing password information (duh...). Thanks for the thought train.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide