Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
207
Views
1
Helpful
1
Replies

How can i set the ISE CLI Admin Password policy

tjdwns4111
Level 1
Level 1

‎07-04-2024 01:29 AM

In my ISE CLI config, there is setting about password policy like this

password-policy
password-expiration-enabled
password-expiration-days 30

but i didn't set the config in CLI, it was set by GUI Admin.

and i know the CLI Admin and GUI Admin is different User.

so, after 30days, the CLI Admin wasn't Disabled. jusy only GUI Admin.

i want to set the policy of CLI Admin as 90 days too.

how can i set the CLI Admin Policy?

0 Helpful
1 Reply 1

Marcelo Morais
VIP
VIP

‎07-21-2024 02:31 PM

Hi @tjdwns4111 ,

 there is no "password expiration" on the CLI. There is a "default password aging" of 45 days for the GUI.

Note 1: If a password policy is configured through the Cisco ISE GUI, it overwrites and takes precedence over any password policy configured through the Cisco ISE.

Note 2: since you configure a password expiration on the CLI of 30 days, after 30 days your GUI Admin was disable.

Note 3: please take a look at ISE CLI Reference Guide - 3.3 - Password Policy.

 

Hope this helps !!!

Customers Also Viewed These Support Documents