Cisco Bug: CSCtf06311 - All internal users disabled automatically after logging in a single user
Feb 26, 2018
- Cisco Secure Access Control Server Solution Engine
Known Affected Releases
Symptom: ACS 5.1 internal users get disabled with the reason "password expired". Conditions: Reproducible on demand: 1. ACS 220.127.116.11 2. Configure one or more internal users, with or without the checkbox to enforce the password change. 3. Under the users authentication settings, select the two options Disable user account after X days if password was not changed Display reminder after Y days 4. Authenticate successfully just one user via Tacacs+ and wait for 30 minutes or more. 5. All the internal users will be automatically disabled by the Administrator user called 'SERVICE', with Object Type 'ProtocolUser' with the blocking reason 'PASSWORD_EXPIRED'.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases