10-22-2013 02:33 PM - edited 03-10-2019 09:01 PM
Hi all,
I am using ACS ver3.1 and it is doing both TACACS and Radius (IETF) authentication. It is causing my windows domain password to continually be locked out. I can go through the web program to unlock it, but within 15 to 2 hrs its locked again. I did ask the windows guys and they did confirm that the lockout was becasue of TACACS.
I know it is very vauge, does anyone have any ideas.
Thanks
10-23-2013 02:16 AM
Hi
Increase the TACACS+ timeout interval from the default 20 hrs. Set the Cisco IOS command as follows:
tacacs-server timeout 20
For more information please go through this link:
10-23-2013 02:57 AM
How would that help Muhammad? BTW, timeout should be in seconds, not in hours.
~BR
Jatin Katyal
**Do rate helpful posts**
10-23-2013 03:01 AM
Alan,
what error message do you see on ACS > failed attempts?
What is the value set for max session on ACS?
How many failure attempts you see for the same user?
Are you using any script to login via tacacs?
~BR
Jatin Katyal
**Do rate helpful posts**
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide