1 Reply Latest reply: Dec 6, 2017 12:35 PM by kthiruve RSS

ISE 2.2  change password with users


Hello Community



I have a problem with end users,



I have ISE 2.2 configured and only policies to authenticate with 802.1x. everything is fine until ISE detects that it requires a change of password, I say that ISE because it sends a report attached as an image. already review the resolution, but if the password change is enabled on the ISE platform.




When trying to make the password change from the user's computer, the AD does not allow it and the user had to be removed from the domain and re-entered so that the AD could accept the password change, but for this I had to remove the configuration of the switch port.



What do you recommend to be done? Is it a configuration or user error or AD error?

  • 1. Re: ISE 2.2  change password with users



    Couple of things you can do is to make sure you allow certain ports to AD open before authentication on the interface.

    Try this first with switchport configured as "authentication open" to allow everything to network ( on a test machine) before and after authentication to see if it changes the behavior. Other than the AD should allow users to change the password from their "Control + Alt + Delete" prompt.