cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
551
Views
4
Helpful
1
Replies

ISE 2.2 change password with users

Hello Community

I have a problem with end users,

I have ISE 2.2 configured and only policies to authenticate with 802.1x. everything is fine until ISE detects that it requires a change of password, I say that ISE because it sends a report attached as an image. already review the resolution, but if the password change is enabled on the ISE platform.

Log_ISE.jpg

When trying to make the password change from the user's computer, the AD does not allow it and the user had to be removed from the domain and re-entered so that the AD could accept the password change, but for this I had to remove the configuration of the switch port.

What do you recommend to be done? Is it a configuration or user error or AD error?

1 Accepted Solution

Accepted Solutions

kthiruve
Cisco Employee
Cisco Employee

Christian,

Couple of things you can do is to make sure you allow certain ports to AD open before authentication on the interface.

Try this first with switchport configured as "authentication open" to allow everything to network ( on a test machine) before and after authentication to see if it changes the behavior. Other than the AD should allow users to change the password from their "Control + Alt + Delete" prompt.

Thanks

Krishnan

View solution in original post

1 Reply 1

kthiruve
Cisco Employee
Cisco Employee

Christian,

Couple of things you can do is to make sure you allow certain ports to AD open before authentication on the interface.

Try this first with switchport configured as "authentication open" to allow everything to network ( on a test machine) before and after authentication to see if it changes the behavior. Other than the AD should allow users to change the password from their "Control + Alt + Delete" prompt.

Thanks

Krishnan

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: