04-11-2018 12:34 AM
Hi Folks
We recently added a Device Admin license to our ISE 2.2 (ver 2.2.0.470 patches 1 & 2 installed) deployment and created internal users and a net_admin group to administer our network devices. For now (and I'm aware of the security risks) we don't want the passwords to expire so under Administration, Identity Management, Settings, User Authentication Settings, Password Policy have unchecked
Disable user account after days if password was not changed |
and
Lock/Suspend Account with Incorrect Login Attempts
and unchecked all Disable Accounts options under Administration, Identity Management, Settings, User Authentication Settings, Account Disable Policy
However we are now being warned whenever we log in to a network devices that our passwords are due to expire.
Is there something else I need to configure to stop the passwords from expiring?
TIA
Solved! Go to Solution.
04-12-2018 08:23 PM
CSCvf30591 is probably what you are seeing.
04-11-2018 02:05 AM
Hi , we have same issue in our deployment . As you configured we did the same .But i show you our configuration now and will solve your problem.
I think this is bug , because when we remove tick from disable account after the problem with expire still exist.
Just put the tick and increase the time to 3650 days .
04-12-2018 08:23 PM
CSCvf30591 is probably what you are seeing.
04-13-2018 01:01 AM
Had raised a TAC case and they have confirmed the bug, and that it is cosmetic - accounts don't actually expire.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide