07-09-2018 01:38 AM
Hi Experts,
Wanted to ask whether ISE supports neverexpire accounts for users? Customer wants to have TACACS users to have neverexpire accounts.
Thanks,
Wendy
Solved! Go to Solution.
07-09-2018 05:40 AM
Yes, that should work. There is a known issue that the users might get reminders on account expiration -- CSCvf30591.
07-09-2018 05:40 AM
Yes, that should work. There is a known issue that the users might get reminders on account expiration -- CSCvf30591.
07-10-2018 12:18 AM
Thanks! Do you know what is the first version supporting the neverexpire feature? Is it ISE2.2 with global setting? And then have each user have an expiry date set?
Regards,
Wendy
07-10-2018 10:36 AM
Since ISE 1.0, it has been possible to make an internal user account not to expire.
Prior to ISE 2.1, we configure the Password Lifetime and Lock/Suspect Account With Incorrect Login Attempts in the Password Policy under Administration > Identity Management > Settings > User Authentication Settings.
ISE 2.1 introduces Account Disable Policy globally and for individual user accounts and that has additional options to influence when an account will expire.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide