08-01-2022 05:43 AM
Good morning,
I have a user in AD who is blocked all the time in Cisco ISE (Screenshots 1 and 2).
First, I had this issue: "24415 User authentication against AD failed since user's account is locked out" (Screenshot 3).
I changed some configurations (Screenshot 4) to (Screenshot 5).
And following this information (https://community.cisco.com/t5/network-access-control/prevent-ad-account-being-locked-out-by-failed-authentications/td-p/3727650), I made these changes (Screenshot 6).
But now the account is still blocked and I have a different issue (Screenshots 7 and 8).
Could you help me?
Thank you so much.
08-01-2022 05:54 AM
I had a similar issue. The user had logged into another device at some point. When resetting their password on a new device the old one was still trying to use the old password and locking the account. You will have to find that device or change the username.
08-03-2022 01:43 AM
Hi michael18,
Thank you so much for your answer.
The problem is that the user is blocked every 5 min and it is impossible to work this way.
Did you do something related from the Cisco ISE side?
08-03-2022 04:44 AM
You could put in a condition to block that endpoint MAC address that has the wrong password. The "correct" fix is to track down that device and correct the endpoint configuration issue.
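One way to track down the device the answers above describe, added here as an example and not posted by anyone in the thread: group the user's failed authentications by endpoint MAC and look at how regularly each endpoint retries. The key=value layout, the field names, the user `jdoe` and all sample records are constructed assumptions; adapt the pattern to whatever your failed-authentication export actually contains.

```python
import re
from collections import defaultdict
from datetime import datetime
from statistics import median

# Constructed sample records (not real ISE output). The layout and the field
# names UserName / Calling-Station-ID / FailureReason are assumptions.
SAMPLE = """\
2022-08-03 01:00:05 UserName=jdoe Calling-Station-ID=AA-BB-CC-00-11-22 FailureReason=wrong password (constructed)
2022-08-03 01:00:35 UserName=jdoe Calling-Station-ID=aa:bb:cc:00:11:22 FailureReason=wrong password (constructed)
2022-08-03 01:01:00 UserName=asmith Calling-Station-ID=11-22-33-44-55-66 FailureReason=wrong password (constructed)
2022-08-03 01:01:05 UserName=jdoe Calling-Station-ID=AA-BB-CC-00-11-22 FailureReason=wrong password (constructed)
2022-08-03 01:01:35 UserName=jdoe Calling-Station-ID=AA-BB-CC-00-11-22 FailureReason=wrong password (constructed)
2022-08-03 01:02:10 UserName=jdoe Calling-Station-ID=DE-AD-BE-EF-00-01 FailureReason=24415 User authentication against AD failed since user's account is locked out
"""

LINE = re.compile(r"^(?P<ts>\S+ \S+) .*?UserName=(?P<user>\S+) "
                  r".*?Calling-Station-ID=(?P<mac>\S+) .*?FailureReason=(?P<reason>.+)$")

def normalize_mac(mac):
    """Collapse AA-BB-.., aa:bb:.. and aabb.ccdd.. spellings to one key."""
    return re.sub(r"[^0-9a-f]", "", mac.lower())

def failing_endpoints(log_text, user):
    """Return per-endpoint failure stats for one user, busiest endpoint first."""
    seen = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE.match(line.strip())
        if not m or m["user"].lower() != user.lower():
            continue
        ts = datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S")
        seen[normalize_mac(m["mac"])].append(ts)
    report = []
    for mac, times in seen.items():
        times.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        # A small, steady median gap points at an unattended device retrying
        # a saved password rather than a person mistyping.
        report.append({"mac": mac, "failures": len(times),
                       "median_gap_s": median(gaps) if gaps else None,
                       "first": times[0], "last": times[-1]})
    return sorted(report, key=lambda r: r["failures"], reverse=True)

if __name__ == "__main__":
    for row in failing_endpoints(SAMPLE, "jdoe"):
        print(row)
```

The endpoint at the top of the list with a regular retry interval is the one to find and reconfigure, or to block by MAC in the meantime.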