Security

 View Only
Back to discussions
Expand all | Collapse all

Local Users Password Reset Before Expiration (TACACS+ Users)

This thread has been viewed 12 times

  • 1.  Local Users Password Reset Before Expiration (TACACS+ Users)

    Posted Oct 03, 2025 08:06 AM

    Hello, i hope everyone is having a great day.

    Our client is using local users on ClearPass to authenticate admins on Cisco switches, and they want those users to be able to reset their passwords before they expire.

    I know there is an option you can check to force users to change their password at their next login, but the client wants this process to happen automatically without the intervention of a ClearPass administrator.

    I tried to lab it, but I couldn't find a way to do it.

    Thanks.



    -------------------------------------------


  • 2.  RE: Local Users Password Reset Before Expiration (TACACS+ Users)
    Best Answer

    Posted Oct 03, 2025 09:35 AM

    That would require something like a self-service portal, which ClearPass doesn't have for local users.  Best option is to utilize a separate credentials store for the purpose.  Last time I wanted something similar I ended up deploying FreeIPA.



    ------------------------------
    Carson Hulcher, ACEX#110
    ------------------------------

    Original Message


Related Content