Password change policy issues

WayneWeezy — Thu, 10 Oct 2024 17:44:41 GMT

Hello, we recently forced users to do a password change in AD, and because we use ISE/Radius to authenticate them to the wireless, it has caused quite a few people to get locked out because their mobile devices have the old credentials cached. I am looking for suggestions on how to tackle this so if we do go to a strict password policy period, we dont get slammed with help desk calls for locked out accounts. Currently we ask the end user to forget the network and reconnect using the new password. Its easy enough for a handful but when its applied to 10k students, it might get ugly.

Our system is 4 Cisco 9800-40 WLC's and 6 ISE nodes spanned across 4 sites.

Re: Password change policy issues

balaji.bandi — Thu, 10 Oct 2024 20:15:06 GMT

May be you need to contact Wintel and Server Team, they should have tool where the user locked (if any one saved the password- that is not best practice as per security policies) - then they can release the user account based on the information.

I am sure helpdesk should have tool to release, this is nothing to do with WLC or ISE.

topic Password change policy issues in Network Access Control

Password change policy issues

Re: Password change policy issues