Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
340
Views
0
Helpful
1
Replies

AAA ACS 3.3 Password enforcement problems

joe-vieira
Level 1
Level 1

‎11-19-2007 10:58 AM - edited ‎03-10-2019 03:31 PM

Hi everyone,

Under Password Aging Rules I have "Apply Password change rule" enabled but the user does not get a message to change the password. Instead it disables the account after the user logs in once.

Any help would be much appreciated

Thanks

Labels:
0 Helpful
1 Reply 1

Jagdeep Gambhir
Level 10
Level 10

‎11-19-2007 01:46 PM

To configure the password expiry, please follow these steps : - On the ACS server, system configurations > Local Password Managment > uncheck the check box " Disable Telnet Change Password against the ACS ". Now on the group setup set up the password aging parameters.

To support password-aging using Windows active directory we need to have AAA client configured for radius.

Below link gives more information on this.

http://www.cisco.com/univercd/cc/td/doc/product/access/acs_soft/csacs4nt/acs33/user/g.htm#wp479732

For password expiry to work with tacacs we need to have the username and passwords configured locally on the ACS server.

http://www.cisco.com/univercd/cc/td/doc/product/access/acs_soft/csacs4nt/acs33/user/o.htm#wp792652

Regards,

~JG

Do rate helpful posts

0 Helpful
Customers Also Viewed These Support Documents