- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-19-2019 05:59 PM
Hello there,
I would like to ask around and pool some ideas on how other planets are doing in the self-service password reset area for windows user.
Do you implement this self-service password reset function for windows users? and what method that you deployed 802.1x network authentication for Cisco ISE - AnyConnet?
Is the machine authentication are secure than the user authentication option?
https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-sspr-windows
General limitations saying ...
This feature does not work for networks with 802.1x network authentication deployed and the option “Perform immediately before user logon”. For networks with 802.1x network authentication deployed it is recommended to use machine authentication to enable this feature.
Any advice and experience greeting appreciated.
Best Regards,
Kriengsak
Solved! Go to Solution.
- Labels:
-
Identity Services Engine (ISE)
Accepted Solutions

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-22-2019 12:27 PM
What most companies do is they setup a password change portal and notify the users well before the password expires.
https://www.google.com/search?sxsrf=ACYBGNQOfTondnRp_c0YiFmqVNJX27uAMQ%3A1574452709142&ei=5T3YXdmiCKek_QaysLz4BA&q=ise+password+change+dot1x&oq=ise+password+change+dot1x&gs_l=psy-ab.3..33i160.28750.29391..29645...0.2..0.232.1135.2-5......0....1..gws-...
Here are some threads on password change using google search
https://community.cisco.com/t5/identity-services-engine-ise/ise-dot1x-not-allowed-to-change-password-while-password-expired/td-p/3463385
https://community.cisco.com/t5/policy-and-access/users-can-t-change-password-since-802-1x-and-ise-implementation/td-p/2056965

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-22-2019 12:27 PM
What most companies do is they setup a password change portal and notify the users well before the password expires.
https://www.google.com/search?sxsrf=ACYBGNQOfTondnRp_c0YiFmqVNJX27uAMQ%3A1574452709142&ei=5T3YXdmiCKek_QaysLz4BA&q=ise+password+change+dot1x&oq=ise+password+change+dot1x&gs_l=psy-ab.3..33i160.28750.29391..29645...0.2..0.232.1135.2-5......0....1..gws-...
Here are some threads on password change using google search
https://community.cisco.com/t5/identity-services-engine-ise/ise-dot1x-not-allowed-to-change-password-while-password-expired/td-p/3463385
https://community.cisco.com/t5/policy-and-access/users-can-t-change-password-since-802-1x-and-ise-implementation/td-p/2056965
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-06-2019 11:17 PM
thanks for stop by for the information, we managed to resolve the issue.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-25-2020 01:26 PM
Would you be able to share what you did to solve it, we are facing the exact same issue.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-10-2022 01:01 PM
could you please let me know how this was sorted out
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-14-2023 12:35 AM
Hi.
How did you solve this issue, as I am facing the same problem.
Thanks,
