Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1112
Views
0
Helpful
1
Replies

CS ACS User Password Change Reminder

Go to solution
f.hayeck
Level 1
Level 1

‎05-06-2011 12:51 AM - edited ‎03-10-2019 06:03 PM

We installed CiscoSecure Access Control System 5.2 appliance and we are facing the following technical issue:

-          When we create a user on ACS (not an administrator, but a normal user to access Network Devices), we are setting the Disable user account after n days if password is not changed to 90 days and the Display reminder after n days after 80 days; in the Cisco Documentation (http://www.cisco.com/en/US/partner/docs/net_mgmt/cisco_secure_access_control_system/5.2/user/guide/users_id_stores.html#wp1131174) it states that for the Display reminder after n days field, the description is : Displays a reminder after n days to change password; the valid options are 1 to 365. This option, when set, only displays a reminder. It does not prompt you for a new password. My question is the following: how will the user be notified if we cannot add an email to users and this user has only access privileges to Network Devices ?

-          The Users are being disabled after 90 days because they received no reminder and they have to manually reset their passwords everytime.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
jrabinow
Level 7
Level 7

‎05-06-2011 03:03 AM

I think there is an enhancement for this in patch 5.2.0.26.2  and higher that includes the following:

CSCtk32168: Add an option to change password when password expires (T+ and Radius)

After this patch is installed you get an option in the user authentication settings to either:

- Disable user account

- Expire the password

When expiry period is exceeded

If password is expired then user will be prompted to change password on next authentication

Note that latest patch for 5.2 is 5.2.0.26.4. All patches are cumulative

View solution in original post

0 Helpful
1 Reply 1

Go to solution
jrabinow
Level 7
Level 7

‎05-06-2011 03:03 AM

I think there is an enhancement for this in patch 5.2.0.26.2  and higher that includes the following:

CSCtk32168: Add an option to change password when password expires (T+ and Radius)

After this patch is installed you get an option in the user authentication settings to either:

- Disable user account

- Expire the password

When expiry period is exceeded

If password is expired then user will be prompted to change password on next authentication

Note that latest patch for 5.2 is 5.2.0.26.4. All patches are cumulative

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents