08-01-2022 05:43 AM
Good morning,
I have a user in AD who is blocked all the time in Cisco ISE (Screenshot 1 and 2).
First, I had this issue: "24415 User authentication against AD failed since user's account is locked out" (Screenshot 3).
I changed some configurations (Screenshot 4) to (Screenshot 5).
And following this information (https://community.cisco.com/t5/network-access-control/prevent-ad-account-being-locked-out-by-failed-authentications/td-p/3727650) I made these changes (Screenshot 6).
But now the account is still blocked and I have a different issue (Screenshot 7 and 8).
Could you help me?
Thanks so much.
Accepted Solutions
08-01-2022 05:54 AM
I had a similar issue. The user had logged into another device at some point. When resetting their password on a new device the old one was still trying to use the old password and locking the account. You will have to find that device or change the username.
08-03-2022 04:44 AM
You could put in a condition to block that endpoint MAC address that has the wrong password. The "correct" fix is to track down that device and correct the endpoint configuration issue.
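One way to track down the device that keeps retrying the old password, as an added example that is not part of the original thread: group a user's failed authentications by endpoint MAC address and look at how regularly each one retries. The CSV column names (`timestamp`, `username`, `calling_station_id`, `result`) are hypothetical and the sample rows are constructed; map them to whatever your authentication log export actually contains.

```python
import csv
import io
from collections import defaultdict
from datetime import datetime
from statistics import median

# Constructed sample data. Column names are assumptions, not a real ISE export schema.
SAMPLE = """timestamp,username,calling_station_id,result
2022-08-03 09:00:02,jdoe,AA-BB-CC-11-22-33,failed
2022-08-03 09:05:01,jdoe,aa:bb:cc:11:22:33,failed
2022-08-03 09:07:40,jdoe,10-20-30-40-50-60,failed
2022-08-03 09:10:03,jdoe,AABB.CC11.2233,failed
2022-08-03 09:12:15,asmith,DE-AD-BE-EF-00-01,failed
2022-08-03 09:15:02,jdoe,AA-BB-CC-11-22-33,failed
2022-08-03 09:16:30,jdoe,10-20-30-40-50-60,passed
"""

def normalize_mac(raw):
    """Collapse dash, colon and dotted MAC notations into AA:BB:CC:DD:EE:FF."""
    digits = "".join(c for c in raw if c in "0123456789abcdefABCDEF").upper()
    if len(digits) != 12:
        return raw.strip().upper()  # not a MAC; keep it visible rather than drop it
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))

def failing_endpoints(csv_text, username):
    """Return (mac, failure_count, median_seconds_between_failures), busiest first."""
    times = defaultdict(list)
    for row in csv.DictReader(io.StringIO(csv_text)):
        if row["username"].lower() != username.lower() or row["result"] != "failed":
            continue
        stamp = datetime.strptime(row["timestamp"], "%Y-%m-%d %H:%M:%S")
        times[normalize_mac(row["calling_station_id"])].append(stamp)
    report = []
    for mac, stamps in times.items():
        stamps.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(stamps, stamps[1:])]
        # A steady gap (here about 5 minutes) points at an automated retry
        # from a saved credential, not a person mistyping a password.
        report.append((mac, len(stamps), median(gaps) if gaps else None))
    return sorted(report, key=lambda r: r[1], reverse=True)

if __name__ == "__main__":
    for mac, count, gap in failing_endpoints(SAMPLE, "jdoe"):
        print(f"{mac}  failures={count}  median_gap_s={gap}")
```

The endpoint at the top of the list with a near-constant retry interval is the one to locate and reconfigure, or to block by MAC address in the meantime.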
08-03-2022 01:43 AM
Hi michael18,
Thanks so much for your answer.
The problem is that the user is blocked every 5 min and it is impossible to work this way.
Did you do something related on the Cisco ISE side?
