05-17-2007 05:46 AM - edited 03-10-2019 03:10 PM
In a Cisco Press publication "Troubleshooting Cisco Secure ACS on Windows" (http://www.ciscopress.com/articles/article.asp?p=474238&seqNum=6&rl=1), I read the following question:
How can I disable the users' option to change the password by using Telnet to access the router?
It has an answer describing certain details. However, the question itself is not clear to me. Could someone explain them a little more clearly?
Thanks.
05-17-2007 12:48 PM
At the command prompt on a router its possible to start a password change request over TACACS to the ACS server.
I think you enter an empty password twice as I recall.
This can cause problems if users change their password on a "slave" ACS which is then replicated to from a "master" thus setting the password back to its pre-changed value.
05-17-2007 12:55 PM
Thanks for your input.
Can you tell me how, once at a router command line, can I initiate this request to change the password on the ACS server?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide