07-01-2013 03:33 AM - edited 03-10-2019 08:36 PM
I had Cisco ISE version 1.1 i face a problem with the CLI and GUI password, as it expire and i can't login, i do the password reset using the ISE DVD,
i navigate to the ISE CLI, and do the following commands:
conf t
password-policy
no password-expiration-enable
and reset the GUI admin password, using the command:
# application reset-passwd ise admin
from the ISE GUI i had remove the option for diable admin account after 45 days.
but after 60 days the password expire again.
so kindly advise what to check for this expire issue.
Solved! Go to Solution.
07-01-2013 03:42 PM
Hi Mostafa,
Yes, the last reply was more towards GUI password-mgmt because in maority of cases it happens with UI admin account. I need to know if you've restarted the ISE after disabling the expiration from the CLI because what I read few weeks ago in an internal defect that password policy configurations are not preserved on cli after restart so just to check could you please check the current settings on CLI w/ the help of show run | in password-policy.
~BR
Jatin Katyal
**Do rate helpful posts**
07-01-2013 03:49 AM
I come across this issue few days ago. There has been an issue that after the account expires and is re-enabled, and I think we have few options here:
1.] Uncheck the box "Disable user account after X days if password was not changed"
2.] change the default value from 60 days to X days as per your requirement.
3.] Reset the user account password with in 60 days.
~BR
Jatin Katyal
**Do rate helpful posts**
07-01-2013 03:56 AM
Hi Jatin,
thanks for your reply.
i think your reply is related to the GUI admin password, but have you any idea why the CLI password expire even i disable the expiration from the CLI.
thanks and regards,
Mostafa
07-01-2013 03:42 PM
Hi Mostafa,
Yes, the last reply was more towards GUI password-mgmt because in maority of cases it happens with UI admin account. I need to know if you've restarted the ISE after disabling the expiration from the CLI because what I read few weeks ago in an internal defect that password policy configurations are not preserved on cli after restart so just to check could you please check the current settings on CLI w/ the help of show run | in password-policy.
~BR
Jatin Katyal
**Do rate helpful posts**
07-02-2013 04:16 AM
Hi Jatin,
thanks for your reply.
in fact the ISE has been restarted two times due to power shortage.
is there a version for the ISE that has this problem solved for the password policy configurations not preserved on the CLI.
thanks and regards,
Mostafa kamel
07-02-2013 04:41 AM
The defect also talks about sync issue between UI and CLI. That was the closest one I could find. The defect shows 1.2 will have a fix for it.
~BR
Jatin Katyal
**Do rate helpful posts**
07-02-2013 05:03 AM
thanks Jatin for your support and reply.
BR
Mostafa kamel
07-02-2013 05:22 AM
Your welcome:)
~BR
Jatin Katyal
**Do rate helpful posts**
11-02-2016 01:47 PM
jkatyal you post above really helped. Thanks.
11-02-2016 02:26 PM
03-24-2019 02:31 AM
Hello everyone,
I can enter in ise server with GUI by used my username and password and can login as fine, But the CLI ssh i can't enter when i used my username and password, How can enable the account in cli?
Any help
THANKS
11-09-2019 08:04 AM
Thank you for your solution, it worked! I have been lucky as I had separate SSH account to reset the GUI user.