Solved: User Identities being automatically disabled by System

Leroy Plock · ‎09-30-2013

Greetings,

This is a weird one. Had devices failing PEAP authentication because internal user disabled.Checked Administration > Identities > Users and sure enough user was disabled. Re-enabled, but next day same thing. Reviewed configuration logs and found that "System" was disabling the account every night at midnight.

At first this was just one user identity but now it is affecting all.

Doesn't affect endpoint identities, only users.

We are on version 1.1.4 patch 2. We cannot move to a newer patch until Cisco resolves a separate issue for us.

Thanks for any ideas, I am opening a TAC case.

Jatin Katyal · ‎09-30-2013

There is a setting for local accounts to expire when password has not been changed in 60 days. Disable the setting, or change your passwords. Administration --> Identity Management --> Settings --> User Password Policy.

Please uncheck the option and try again.

~BR
Jatin Katyal

**Do rate helpful posts**

~Jatin

View solution in original post

Jatin Katyal · ‎09-30-2013

There is a setting for local accounts to expire when password has not been changed in 60 days. Disable the setting, or change your passwords. Administration --> Identity Management --> Settings --> User Password Policy.

Please uncheck the option and try again.

~BR
Jatin Katyal

**Do rate helpful posts**

~Jatin

Leroy Plock · ‎09-30-2013

Doh! That's probably it. I have changed it, will check tomorrow and see if we're OK. Thanks!

Jatin Katyal · ‎09-30-2013

Sure!...Let me know how it goes.

~BR
Jatin Katyal

**Do rate helpful posts**

~Jatin

Leroy Plock · ‎10-01-2013

That was it, thanks!

Jatin Katyal · ‎10-01-2013

awesome! Thanks for updating.

~BR
Jatin Katyal

**Do rate helpful posts**

~Jatin