Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
295
Views
0
Helpful
1
Replies

Correct role for Admins to change their own password?

cnegrete
Level 1
Level 1

‎02-05-2019 10:51 AM

We have a "small" issue on a deployment (a migration from ACS, so we're using only Device Admin license):

The admin users (which weren't migrated from ACS) that we created ("promoting" the users as the documentation says) only should have permission to admin standard users, network devices and logs, and they do, but they are unable to change their own admin password.

 

The following three Admin groups are enabled for the users:

  • Identity Admin
  • Network Device Admin
  • MnT Admin

 

Om the documentation, I can't find another group (other than SuperAdmin) that could let the users change their own password. Is this something they should be able to do? Or is this an expected behaviour?

 

Thanks for your time.

0 Helpful
1 Reply 1

Ben Walters
Level 3
Level 3

‎02-05-2019 12:50 PM

What version of ISE are you running? 

 

In our 2.4 deployment all users, even read-only have the option to change their password, after they log in to ISE they can click the gear icon in the top right corner of the screen and select "Account settings". 

 

I am guessing this feature is available on all versions above 2.0 with the updated GUI.  

0 Helpful
Customers Also Viewed These Support Documents