
Active Directory and ACS 5.3 failure

jeremy.morgan
Level 1

I am receiving a RADIUS authentication failure stating user must change password; however, password has been changed in AD and is not requiring change password any longer on the AD side.

Is there a cache on the ACS that needs to be cleared?

AD connection from ACS to domain is fine. All other accounts authenticate.

It appears that this happens when a user lets their account expire. Account has been re-enabled in AD and password has been changed. Still will not authenticate via ACS.

1 Reply

Jatin Katyal
Cisco Employee

Is this happening just for one account? What kind of session are we authenticating, VPN or administrative?

Did you notice if users from the same group are authenticating fine?

Make sure for this user we've not checked "user must change password at next login" under account properties. Do you also see some error in the AD event viewer logs?

If it's happening with just a single account then please delete it from AD and re-add it.

Regards,

Jatin

~Jatin
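
The account-property check suggested in the reply can be scripted. The following is an added example, not part of the original thread: it reads the "user must change password at next logon" flag (stored as `pwdLastSet = 0`), the password-expired state and the account expiration date for one user. It goes beyond the thread by querying every domain controller, on the assumption that ACS may be bound to a different DC than the one viewed in the console. The account name `jdoe` is a placeholder, and the RSAT ActiveDirectory module is assumed to be installed.

```powershell
# Added example: compare one user's password/expiry state across all DCs.
Import-Module ActiveDirectory

$SamAccountName = 'jdoe'   # placeholder: replace with the affected account

$props = 'pwdLastSet', 'PasswordLastSet', 'PasswordExpired',
         'AccountExpirationDate', 'Enabled', 'LockedOut'

$results = foreach ($dc in Get-ADDomainController -Filter *) {
    $row = [ordered]@{
        DC = $dc.HostName; Enabled = $null; LockedOut = $null
        MustChangeAtLogon = $null; PasswordExpired = $null
        PasswordLastSet = $null; AccountExpires = $null
        AccountExpired = $null; Error = $null
    }
    try {
        $u = Get-ADUser -Identity $SamAccountName -Server $dc.HostName `
                        -Properties $props -ErrorAction Stop
        $row.Enabled           = $u.Enabled
        $row.LockedOut         = $u.LockedOut
        # pwdLastSet = 0 is how AD stores "must change password at next logon"
        $row.MustChangeAtLogon = ($u.pwdLastSet -eq 0)
        $row.PasswordExpired   = $u.PasswordExpired
        $row.PasswordLastSet   = $u.PasswordLastSet
        # AccountExpirationDate is $null when the account never expires
        $row.AccountExpires    = $u.AccountExpirationDate
        $row.AccountExpired    = ($null -ne $u.AccountExpirationDate -and
                                  $u.AccountExpirationDate -lt (Get-Date))
    } catch {
        # Unreachable DC or lookup failure: record it instead of stopping
        $row.Error = $_.Exception.Message
    }
    [pscustomobject]$row
}

$results | Format-Table -AutoSize

# Report whether the DCs that answered agree on the state that matters here
$states = $results | Where-Object { -not $_.Error } |
    Group-Object MustChangeAtLogon, PasswordExpired, AccountExpired, Enabled
if (@($states).Count -gt 1) {
    Write-Warning "Domain controllers disagree on the state of '$SamAccountName'."
    $states | ForEach-Object { '{0}: {1}' -f $_.Name, ($_.Group.DC -join ', ') }
}
```

A `True` in `MustChangeAtLogon`, `PasswordExpired` or `AccountExpired` on any DC identifies where the stale state is being served from.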