
Expired AD password using AnyConnect two-factor

Hi,

Can anyone tell me if they have the following authentication setup for a remote access VPN using the AnyConnect software to a Cisco ASA5500 (8.2), and how they manage expired passwords, please?

Setup:

AnyConnect client -> ASA FW via SSL -> two-factor auth server (Vasco/RSA SecurID) -> AD

So when the AD password expires, can the AnyConnect client prompt the user that their password has expired? Or is it a case of logging a ticket to the helpdesk to get the password reset on AD and the user logs in again?

Currently the two-factor auth server does not backout to AD, but it means managing a userid/password for this and AD separately. AD passwords expire after 30 days so could create a lot of tickets.

Any help would be appreciated.

Cheers

Brian
