Problem with ACS 5.1.

Maxim Sergeev · ‎08-16-2011

Hello! Our company has installed ACS Version: 5.1.0.44.6 Internal Build ID: B.2347 with patches: 5-1-0-44-5, 5-1-0-44-6. The security policy of our company includes a password change every 3 months. Our programmers had written a script that allows us to do it. When testing revealed that the script does not work. This is due to the fact that it is not possible to enter the mode "acs-config". In determining the reasons it was found that to enter this mode there is a limit on sessions (6 sessions). When the number of connections becomes larger than 6 then the script does not work. The documentation says that the update is not active sessions is set with terminal session-timeout. In this case, the terminal session-timeout 30. But after 30 minutes of the session will remain active. It interferes with our script. Please tell me about how I can solve this problem.

Regards,

M Sergeev

Federico Lovison · ‎08-28-2011

Hi Maxim,

Apart from the discussion about the session timeout on the CLI and the script you wrote, depending on what password you're trying to change, ACS offers already some options which may help in your case.

So, are you trying to allow for password change for users on the ACS internal DB or for the ACS admin accounts?

You may look at the admin password lifetime config here:

https://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_system/5.1/user/guide/admin_admin.html#wp1074571

Or for the changing the password on for the internal users, please check the UCP Web Service details here:

https://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_system/5.1/sdk/ucp.html

I hope this helps.

Regards,

Federico

--

If this answers your question please mark the question as "answered" and rate it, so other users can easily find it.