cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Choose one of the topics below for ISE Resources to help you on your journey with ISE

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC!
We will not comment or assist with your TAC case in these forums.

83
Views
4
Helpful
1
Replies
Highlighted

ISE 2.2 change password with users

Hello Community

I have a problem with end users,

I have ISE 2.2 configured and only policies to authenticate with 802.1x. everything is fine until ISE detects that it requires a change of password, I say that ISE because it sends a report attached as an image. already review the resolution, but if the password change is enabled on the ISE platform.

Log_ISE.jpg

When trying to make the password change from the user's computer, the AD does not allow it and the user had to be removed from the domain and re-entered so that the AD could accept the password change, but for this I had to remove the configuration of the switch port.

What do you recommend to be done? Is it a configuration or user error or AD error?

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: ISE 2.2 change password with users

Christian,

Couple of things you can do is to make sure you allow certain ports to AD open before authentication on the interface.

Try this first with switchport configured as "authentication open" to allow everything to network ( on a test machine) before and after authentication to see if it changes the behavior. Other than the AD should allow users to change the password from their "Control + Alt + Delete" prompt.

Thanks

Krishnan

1 REPLY
Cisco Employee

Re: ISE 2.2 change password with users

Christian,

Couple of things you can do is to make sure you allow certain ports to AD open before authentication on the interface.

Try this first with switchport configured as "authentication open" to allow everything to network ( on a test machine) before and after authentication to see if it changes the behavior. Other than the AD should allow users to change the password from their "Control + Alt + Delete" prompt.

Thanks

Krishnan

CreatePlease to create content
Ask the Expert- Webex Hybrid Services Solutions