Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1595
Views
0
Helpful
20
Replies

Password Policy for administrators in ACS 4.1

Farooq Razzaque
Level 1
Level 1

‎10-02-2013 08:21 AM - edited ‎03-10-2019 08:57 PM

Dear

In ACS, I want to know if i set the following password lifetime option under password policy for administrators under administration control then will
that change be applicable to all local administrators or it will be applicable to only default administrator (ACSAdmin)

If i set the number of days for 10 days then what will happend after passing 10th day..

Will the ACS give the option to change the password when i try to login after 10th day ?
Will it give the option on the main ACS login page.


password Liftetime Options
*******************************

The password will require change after 10 days

Labels:
0 Helpful
20 Replies 20

Jatin Katyal
Cisco Employee
Cisco Employee

‎10-02-2013 09:55 AM

Yes, it will be applicable to all administrators created on ACS. Yes, after passing 10th day, you will be prompted to change the password on ACS login screen.

~BR
Jatin Katyal

**Do rate helpful posts**

~Jatin
0 Helpful

Farooq Razzaque
Level 1
Level 1
In response to Jatin Katyal

‎10-02-2013 10:39 AM

Thanks Jatin

Can i hve some document which is mentioning that changes in Password lifetime options is applicable to all manually created administrators and default administrator (ACSAdmin) as well.

1) Will that change be applicable to default administrator (ACSAdmin) ?

2) Will it that change be applicable to TACACS users as well.

0 Helpful

Jatin Katyal
Cisco Employee
Cisco Employee
In response to Farooq Razzaque

‎10-02-2013 08:16 PM

Here is a link

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.2/user/guide/Admin.html#wp703514

Since it's a global change so it will be applicable to all admin accounts.

So the administrator password policy only affects ACS administrator accounts. It has nothing to do with Tacacs users.

I'll try to recreate when exactly we see the option to change password and let you know.

Are you running ACS windows or ACS appliance?

~BR
Jatin Katyal

**Do rate helpful posts**

~Jatin
0 Helpful

Farooq Razzaque
Level 1
Level 1
In response to Jatin Katyal

‎10-02-2013 08:36 PM

I m using the ACS appliance with version 4.1.

Can you please send me the snap shot once you will recreate it.

I have created some administrators under administration control like (user1, user2, user3 etc) and one is default administrator (ACSAdmin).... Can you also please test to check whether this change is applicable to all manually created administrator accounts and default admin account (ACSAdmin)

0 Helpful

Jatin Katyal
Cisco Employee
Cisco Employee
In response to Farooq Razzaque

‎10-02-2013 08:44 PM

Sure. I will update you

~BR
Jatin Katyal

**Do rate helpful posts**

~Jatin
0 Helpful

Farooq Razzaque
Level 1
Level 1
In response to Jatin Katyal

‎10-04-2013 12:37 AM

Dear Jatin

Did u get a chance to test the following

Can you also please test to check whether this change is applicable to all manually created administrator accounts and default admin account (ACSAdmin)

I'll try to recreate when exactly we see the option to change password and let you know.

0 Helpful

Farooq Razzaque
Level 1
Level 1
In response to Jatin Katyal

‎10-05-2013 11:18 AM

Dear Jatin

It is not specifically mentioned in the below link that  password policy (password Liftetime Options) are applicable to manually created account and default administrator account (ACSAdmin)

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.2/user

0 Helpful

Jatin Katyal
Cisco Employee
Cisco Employee
In response to Farooq Razzaque

‎10-08-2013 01:24 AM

HI Farooq,

I will try and update this thread today.

~BR
Jatin Katyal

**Do rate helpful posts**

~Jatin
0 Helpful

Farooq Razzaque
Level 1
Level 1

‎10-09-2013 04:29 AM

hi

Did u get a chance to test

Sent from Cisco Technical Support iPhone App

0 Helpful

Jatin Katyal
Cisco Employee
Cisco Employee
In response to Farooq Razzaque

‎10-09-2013 06:44 AM

HI Farooq,

I have made some changes in the password policy section and set the password to be xpired after 1 day. I will be able to update you by tomorrow.

~BR
Jatin Katyal

**Do rate helpful posts**

~Jatin
0 Helpful

Farooq Razzaque
Level 1
Level 1

‎10-10-2013 12:07 AM

ok. I will wait for the update

Sent from Cisco Technical Support iPhone App

0 Helpful

Farooq Razzaque
Level 1
Level 1

‎10-10-2013 11:32 PM

Dear jatin

Did u test it ?


Sent from Cisco Technical Support iPhone App

0 Helpful

Farooq Razzaque
Level 1
Level 1

‎10-17-2013 01:20 AM

dear Jatin

Did u get a chance to test it

Sent from Cisco Technical Support iPhone App

0 Helpful

Jatin Katyal
Cisco Employee
Cisco Employee
In response to Farooq Razzaque

‎10-17-2013 01:23 AM

sorry I forgot to update you.          

yes Farooq, that's a global change and would be applicable for all the administrator.

~BR
Jatin Katyal

**Do rate helpful posts**

~Jatin
0 Helpful
Customers Also Viewed These Support Documents