Tacacs+ Local User Account Configuration
Hi All,
I have ACS v4.1 that we use in our Enterprise, I am able to create local user accounts and also set the passwords. When I log onto an configured AAA client, the authentication works fine and lets me login.
The problem I have is when I allocate the User Accounts & Passwords to the necessary engineers, I want them to be able to reset their passwords on their Tacacs+ account without having to manually do it through the Interface as I am the only administrator.
Is there an option that will allow me to do this so that the first time the users login onto an AAA client they are able to reset their password, for example?
The whole point is so that they are the only one's who know their password.
Your help is much appreciated.
I have ACS v4.1 that we use in our Enterprise, I am able to create local user accounts and also set the passwords. When I log onto an configured AAA client, the authentication works fine and lets me login.
The problem I have is when I allocate the User Accounts & Passwords to the necessary engineers, I want them to be able to reset their passwords on their Tacacs+ account without having to manually do it through the Interface as I am the only administrator.
Is there an option that will allow me to do this so that the first time the users login onto an AAA client they are able to reset their password, for example?
The whole point is so that they are the only one's who know their password.
Your help is much appreciated.
Comments
-
billscott92787 Member Posts: 933They have a similar setup at the location that I work on now. But, the way it works their server compares against AD, so when logging into a system, it goes to their TACACS server, checks your credentials against AD, and then lets you login. If the password is set to expire, it will prompt you to change it. But, I don't know if your just configuring them on the server, if it will work like that, especially since it's just through them logging onto the routers/devices.