cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1467
Views
0
Helpful
3
Replies

Cisco secure ACS 5.2 password change issue

starsaur1
Level 1
Level 1

Hello all,

When a new user is created with the "Must change password at next logon" check box ticked, ACS does not allow the user to change the password.  The password prompt just keeps popping up over and over.  Could anyone point me in the right direction for fixing this issue?

Thanks!

3 Replies 3

Fredric Nilsson
Level 1
Level 1

Hi,

I am having the same problem. Did you find an solution for this?

/Fredric

Are you talking about the internal users or administrator accounts?

If you go to system configuration >> Administrator >> settings >> authentication >> this is applicable for ACS administrator accounts.

However, if you click on system configuration >> users >> authentication settings >> this is applicable for all the ACS internal users.


Now, I need to know what error messge are you getting on the end-client that means if you are implementing it for telnet/ssh users. Also what protocol are we using, may be tacacs.


You should also collect logs from the ACS >> monitoring and reports >> catalog >> protocols >> tacacs authentication then click on the magnifying glass for details.


Most of the times you will be repeadely prompted due to complex password policy. The above mentioned path for internal users takes you to the section where we define password policy, please review it and see if you are resetting your password based on that policy.



HTH


Regds,

Jatin



Do rate helpful posts~

~Jatin

Using tacacs and this is for Internal users. I will create the user and check the box "change password on next login" I will then test that newly created user by trying to SSH into one of my cisco devices.

(PUTTY)

login as: bob.smith
Using keyboard-interactive authentication.
password:
Access denied

Once I go back to internal users and Uncheck the box "change password on next login" I will then be able to authenticate successfully to any of my devices. Any ideas why it will not allow them access, nor ever prompting them to change their password?

Thanks,
Ken

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: