Core issue
In this issue, Cisco Secure ACS hangs while the administrator tries to edit a particular user, and all other user profiles work fine. This issue typically occurs if database replication is configured on ACS.
When an administrator tries change the password from Telnet, this initiates a Replication Request, and during replication, the adminstrator is not able to access the account properly.
Resolution
In order to reoslve this issue, choose System Configuration > Local Password Management. In Remote Change Password , uncheck Upon remote user password change, immediately propagate the change to selected replication partners.
Upon remote user password change, immediately propagate the change to selected replication partners This setting determines whether ACS sends its replication partners any passwords that are changed during a Telnet session that is hosted by a TACACS+ AAA client, the Authentication Agent, or the User-Changeable Passwords web interface.
The ACSs that are configured as the replication partners of this ACS appear in this check box. This feature depends on the Database Replication feature that is configured properly; but, replication scheduling does not apply to propagation of changed password information.
ACS sends changed password information immediately, regardless of replication scheduling. Changed password information is replicated only to ACSs that are properly configured to receive replication data from this ACS. The automatically triggered cascade setting for the Database Replication feature does not cause ACSs that receive changed password information to send it to their replication partners.
Refer to the Configuring Local Password Management on Cisco Secure ACS section of System Configuration: Basic for more information.
Problem Type
How to (General Information)
Troubleshoot software feature
Product Family
Cisco Secure access control server