user account disable

albert.chueh · ‎05-10-2010

Hi,

Recently I setup one new ACS5.1(upgrade from 5.0) for device admin with ACS internal user id stores. Also enable "Disable user account after 90 days if password was not changed." in user authentication settings. But I met a problem that when user got the initial ID and password and login device to change password, he can change and login successfully, but later(may be 30 mins or one hours later), user account became disable and showed password expired.

Is there any setting I missed or need to check? Thanks in advance.

Albert.

jrabinow · ‎05-10-2010

There is a CDETS on this issue:

CSCtf06311: All internal users disabled automatically after logging in a single user

A fix is scheduled to be in included in upcoming patch 3 for ACS 5.1 in next couple of weeks. I do not have the precide date

albert.chueh · ‎05-10-2010

Thanks for the advice, just wait for the the patch publishment.

jrabinow · ‎05-30-2010

Fix for this issue is ready and available on CCO and included in patch 5.1.0.44.3

The patch is included in all cumulative patches from version 5.1.0.44.3 and later.

We recommend that you download the latest cumulative patch.

Download from: CCO / Support / Download Software http://www.cisco.com/public/sw-center/index.shtml

Select: Security / Identity Management / Cisco Secure Access Control System / Cisco Secure Access Control System 5.1 / 5.1.0.44

Patch filename: 5-1-0-44-3.tar.gpg

Readme and installaion instructions: Acs-5-1-0-44-3-Readme.html