Hi,
I am currently working on two ACS 5.1.0.44-4, in order to control the admin access of network engineers to Cisco routers, switches and firewall.
I would have three questions:
1) Is it possible for the ACS to send an e-mail if an account is about to be disable due to a password that has not yet been renewed yet?
The idea is to avoid receiving an alarm when the account is already disable.
2) What are the common procedures for a user (i.e. end user to access AAA client) to renew his password?
Do you integrate the ACS using the UCP tool to your internal portal?
Do you creat (yet again) another login in the ACS so that the user will login to the ACS web page to change hos passwords?
Or did you find a way to have the AAA client prompting for a change of password?
3) It seems that if a user ssh into a router with privilege 15, directly, there is no warning message showing when the password is to be expired.
On the other end, if the user ssh into a router with privilege1, then types "en" to become enabled, ony then a warning message shows when his password will expire.
Have you seen this before? Do you know any workaround?
Thank you very much for your time.
Christophe