10-04-2012 03:59 AM - edited 03-10-2019 07:38 PM
Hello,
Does anybody know, if the notification that the pw will expire in xx days works in the scenario named in the headline?
Anyconnect SSL-VPN (ver 3.1.xxx) terminating on ASA 5510, v 8.4.4, authentication: Radius to ACS 5.3 (over MSChapV2), IdentityStore: MS ActiveDirectory.
the Password-Change (if the pw is set to "change at next Logon") is working, even if there is a Bug, too (on the ac-client).
In the tunnel-group password-manegement is enabled and notify is set to the default of 14 days.
does the ACS interrupt the notification? I can't see any message in ACS Log or in "debug aaa common 255" or "debug radius" on ASA
Do you need any config or debug-output?
Thanks
10-04-2012 09:49 AM
Karl,
You are referring to the tacacs password expiration notification. This not the message that is used with radius for internal users. Once the user's p/w expires it will prompt the user to change their password.
Thanks,
Tarik Admani
*Please rate helpful posts*
10-04-2012 10:52 PM
So, is this feature "password-management" only relevant for TACACS ?
10-05-2012 09:14 AM
No,
The "password change notification message" in ACS is only used for tacacs password expiration. You can still use the password change feature on the ASA and the ACS.
Thanks,
Tarik Admani
*Please rate helpful posts*
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: