Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
463
Views
2
Helpful
4
Replies

24407 User authentication against Active Directory failed

Arwa Albasari
Level 1
Level 1

‎12-02-2024 12:43 AM

Hello,

I am implementing ISE 3.2, and facing an issue where users are unable to change their expired passwords. I receive the following error message:
24407 User authentication against Active Directory failed since user is required to change his password
I have already ensured that the "allowed protocols" configuration permits password changes. However, the problem persists. Has anyone faced a similar issue or can suggest a potential solution?

4 Replies 4

marce1000
Hall of Fame
Hall of Fame

‎12-02-2024 02:20 AM

 

 - Can you also check  if the "Enable Password Change" option is set in the Active Directory settings"
    Administration > Identity Management > External Identity Stores > Active Directory > Advanced Settings.

  M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '
0 Helpful

Arwa Albasari
Level 1
Level 1
In response to marce1000

‎12-02-2024 02:40 AM

Yes, the "Enable Password Change" option is enabled, but the issue persists.

 
 
0 Helpful

ahollifield
VIP
VIP

‎12-02-2024 05:00 AM

Why are you using PEAP/MSCHAPv2 in 2024?  MS-CHAPv2 uses broken MD4 encryption.  You should move to TEAP using user and device certificates instead.

Arwa Albasari
Level 1
Level 1
In response to ahollifield

‎12-04-2024 04:11 AM

If I use it, does it solve the problem?

0 Helpful
Customers Also Viewed These Support Documents