1-30
Cisco ASA Series CLI Configuration Guide
Chapter 1 Configuring Connection Profiles, Group Policies, and Users
Configuring Connection Profiles
Figure 1-2 Active Directory—User Must Change Password at Next Logon
The next time this user logs on, the ASA displays the following prompt: “New password required.
Password change required. You must enter a new password with a minimum length n to continue.” You
can set the minimum required password length, n, as part of the Active Directory configuration at Start >
Programs > Administrative Tools > Domain Security Policy > Windows Settings > Security Settings >
Account Policies > Password Policy. Select Minimum password length.
Using Active Directory to Specify Maximum Password Age
To enhance security, you can specify that passwords expire after a certain number of days. To specify a
maximum password age for a user password, specify the password-management command in
tunnel-group general-attributes configuration mode on the ASA and perform the following steps under
Active Directory:
Step 1 Choose Start > Programs > Administrative Tools > Domain Security Policy > Windows Settings >
Security Settings > Account Policies > Password Policy.
Step 2 Double-click Maximum password age. The Security Policy Setting dialog box appears.
Step 3 Check the Define this policy setting check box and specify the maximum password age, in days, that
you want to allow.
To Next Page
Loading...
Need help?
General
