Hi all;
I have several questions regarding the 'Change Password' functionality in various areas of ISE because there is little or no useful guidance on this topic from Cisco...
As far as I know, there are two places in ISE where you we can manage the "Password Change" operation:
1. From Administration -> Identity Management -> External Identity Sources -> Advanced Settings -> Enable Password Change
2. From Policy -> Policy Elements -> Results -> Allowed Protocols Services -> Default Network Access -> Allow PEAP -> Allow Password Change
Now my questions:
1. Do these options relate to each other?
2. What should happen under normal conditions when these options are enabled?
3. In the second option, what does "Retries" mean?
4. In the second option, it appears the "Retires" field does not relates to the "Allow Password Change" option. Now, how we can interpret that when we disable "Allow Password Change" option and configure the "Retires" option to 2?
Thanks