Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1047
Views
0
Helpful
3
Replies

ACS 4.1 and 5.2 password change prompt via Cisco VPN

chrisvanwyk
Level 1
Level 1

‎03-16-2011 02:25 AM - edited ‎03-10-2019 05:54 PM

Hi

Please advise if this can be done.

Users authenticate via ACS database.

Their password needs to  changes every 30 day.

VPN terminates on an ASA 5520.

Is there a way to prompt the user with a popup that to change their password before it expires or 5 days before?

Regards

Chris

Labels:
0 Helpful
3 Replies 3

andamani
Cisco Employee
Cisco Employee

‎03-16-2011 05:35 AM

Hi Chris,

you can try the password expiry with the ACS internal database. But this is neither officially supported, nor documented.

You can try the steps mentioned on the following link for ACS 4.1

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.1/user/SCBasic.html#wp222215

If you are using an external database, then it is supported and documented. The following link gives you details of the same:

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00806de37e.shtml#passexpiry


On ACS 5.x you can try the following:

Under System Administration -> Configuration ->  Dictionaries -> Identity -> Internal Users you can  configure Expiration Date attribute.

I have never tried any of the above. May be you can try and let us know the results.

Regards,

Anisha

P.S.: please mark this post as answered if you feel your query is resolved. Do rate helpful posts.

0 Helpful

chrisvanwyk
Level 1
Level 1
In response to andamani

‎03-16-2011 11:55 PM

Hi

I think you misunderstood me here I need a pop up or notifcation when the user logs in to tell them to change his password before it expires. The password ageing has already been done.

Regards

0 Helpful

aneelaka
Level 1
Level 1
In response to chrisvanwyk

‎03-16-2011 11:56 PM

Dear Valued Cisco Customer,

I will be out of the office from 03/20/2010 until 04/04/2010. During

this time, I will have no access to email or voicemail. If you require

assistance during my absence, please contact Manivannan Srinivasan via

phone at 469-255-4806 or via email at mansrini@cisco.com and this

engineer will continue to work any immediate concerns you may have at

this time. If this issue can wait until my return on 04/05/2010, I will

be glad to continue working with you. If you require assistance outside

of our business hours (10:00am - 7:00pm CST), please contact the TAC by

calling 1800-553-2447 or email tac@cisco.com and request to have the

service request re-assigned.

Best Regards,

Abhishek Neelakanata

0 Helpful
Customers Also Viewed These Support Documents