Cisco Bug: CSCvh86442 - Internal users with MAC-addr like username disabled due to last active timer not updated
Jun 14, 2019
- Cisco Identity Services Engine
Known Affected Releases
Symptom: When you have usernames in format of hex numbers like: a01146837d5f (random example), those will get disabled due to 'disable account policy' despite the fact that those users log in on regular basis. When such a user does AAA/Tacacs via ISE, you can see the usernames are translated to the form a0:11:46:83:7D:5f when written to the MnT tables. This causes a mismatch with the original username, so the last active time is not updated. Conditions: 1 Usernames in hex format 2 Disable account policy configured.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases