Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1535
Views
0
Helpful
4
Replies

ACS Password Management

learnsec
Level 1
Level 1

‎09-15-2011 01:46 AM - edited ‎03-10-2019 06:24 PM

dear all,

i would like to ask about system configuration/local password management option located on ACS application.

on this page i can specify the min max password length, alphanumeric password or not, and finaly if the password can contain the user name,

my question is, shall this options apply to administrator users only? or ACS VPN authenticated users and groups (end user) only? or both of them?

in addition, if the users are created before configuring the ACS local management policy, and users are already created with a criteria different then what a local password management identify, for example a user has a password not alphanumeric, and now i am going to configure the policy to force the password to be alphanumeric, what do happen for those users(users created before configuring the policy that do not match the new criteria configured)?

finally, is there a way to configure a password expiry date?

regards,

Labels:
0 Helpful
4 Replies 4

learnsec
Level 1
Level 1

‎09-18-2011 11:48 PM

any one have information about this issue?

0 Helpful

jrabinow
Level 7
Level 7
In response to learnsec

‎09-19-2011 12:08 AM

There are separate "Authentication Settings" dialogs where password rules are defined for administrators and users

See the following:

- System Administration > Users > Authentication Setting: for end users authenticating over RADIUS or TACACS+

- System Administration > Administrators >Settings > Authentication: for administrators of ACS accessing the GUI

If you change the password rules and users are already created with passwords that do not match these rules there is no impact on these existing users. These password rules will be applied next time they change their passwords

In terms of password expiry can already defined the number of days within which the password must be changed. In addition, ACS 5.3 will have a feature to configure an explicit date when the password must be changed. ACS 5.3 should become available for download from CCO during October.

0 Helpful

learnsec
Level 1
Level 1
In response to jrabinow

‎09-19-2011 01:18 AM

hello,

administrator password settings is located in administration control password policy.

in system administration there is no user authentication settings, but there is local password management only.

so this local password management might be for users who authenticate on acs as long as there is a separate password policy on administration control page.

i would like to ask modifying this policy, shall this will affect users passwords only? or group users passwords? or both?

as long as i can have a user password and a group password (to which the user is assigned) different from each others.

the last point is the password lifetime, on versions previous to acs 5.3, we can set password lifetime in group users/edit group setup. but what if i dont want to change group user password lifetime, but i want to change the user password lifetime? where can i set it?

0 Helpful

learnsec
Level 1
Level 1
In response to learnsec

‎09-28-2011 11:57 PM

any one can help?

0 Helpful
Customers Also Viewed These Support Documents