08-12-2014 09:37 PM - edited 03-10-2019 09:56 PM
Hi Guys,
Good Day!
I need help to disable some settings in the password policy via CLI. I always got the error message below when I tried it even though I don't have any secondary node. I'm just using one ISE 1.2 standalone.
Error Message:
% Error: Configuration changes ignored. Password policy is replicated from ISE administration node. Please set CLI password policy using the ISE web UI on the primary administration node.
The main issue is that my GUI password always expired whenever I did not access it for a long time (approximately a month) so I tried to disabled the settings via GUI however, it is still the same.
Thanks for the help!
Cheers,
Nikko
08-15-2014 04:42 PM
In the GUI go to "Administration > Admin Access > Authentication > Password Policy Tab" There you can adjust all of the password settings that you are referring to.
Thank you for rating helpful posts!
08-16-2014 05:18 AM
Hi Neno,
Good Day!
Thanks for the reply however, I already adjusted it but the GUI credentials always expires when I don't logged-in for a long time.
Thanks for the help in advance.
niks
08-17-2014 04:07 AM
The only option you have is to remove the administrator passwords expire option from the GUI, or you can increase to the maximum limit which is 3650 days.
Once you un-check the box from the settings, then also it will be removed from the CLI configuration.
08-17-2014 10:30 PM
What patch are you running on your deployment? Also:
1. Make sure your node is set to "standalone"
2. You don't see any other nodes in the deployment window
Thank you for rating helpful posts!
06-10-2015 08:57 PM
In version 1.2.1, you cannot change the CLI password expiry from the CLI. It has to be done from the Admin GUI.
Administration -> System -> Admin Access -> Authentication -> Password Policy
Then disable /untick Suspend or Lock Account with Incorrect Login Attempts
After that you can confirm the settings via show run command in CLI.
If you have multiple ISE servers, this will apply to all of the at once.
- See more at: https://supportforums.cisco.com/discussion/11686231/how-disable-ise-cli-password-expiration#sthash.RGQLAPNj.dpuf
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: