
ACS 5.1 Problem with Changing Password on Next Login

Dears,

I am using ACS 5.1.0.44 as TACACS server for user authentication & authorization on an ASA 5520 firewall with software 8.2(4).

I created a new internal user. I want that user to change his password on next login. Therefore, I checked the box next to "Change password on next login".

The problem is that authentication is failing for the newly created user. It does not even go for the password changing procedure (enter old password...).

The failure reason I am getting on the real-time TACACS dashboard I created in the Monitoring and Reports section is: User was marked to change password in Internal database

In the AAA Catalog Failure Reason it appeared that the above failure has the 24203 code and the Resolution Step was given as the following:

Check if the User account is set to change password in the Internal database. If the User cannot change the password check for more failures under the 'Steps' detailed report.

However, I made sure that the new internal user has the checkbox checked next to "Change password on next login".

Did anyone face this problem before?

Should any additional commands be configured on the ASA 5520 firewall?

Regards,
