Security

last person joined: 8 hours ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

User is unable to login once his Password is expired

This thread has been viewed 2 times

  • 1.  User is unable to login once his Password is expired

    Posted Jul 01, 2019 05:55 AM

    Greetings,

     

    At one of our customer, we implemented Clearpass (Dot1x) with Cisco Switches and Wireless Controller, they are saying any way to user can connect to network if his Password expired. Scenario is below:

     

    At Clearpass we are observing Denying access due to authentication fail.

     

    Is there any possibility to allow user to change password by moving to Quarantine VLAN and once he is able to change password moved back to normal VLAN.

     

    Regrads,

    Atif. 



  • 2.  RE: User is unable to login once his Password is expired

    EMPLOYEE
    Posted Jul 01, 2019 08:32 AM

    This does not answer your question, but please consider using machine authentication only with EAP-TLS which disassociates usernames and passwords from wired authentication.  If these are domain computers, autoenrollment with EAP-TLS automatically renews certificates, making the procedure automatic.