67-29
Cisco ASA 5500 Series Configuration Guide using the CLI
Chapter67 Configuring Connection Profiles, Group Policies, and Users
Configuring Connection Profiles
The following sections assume that you are using an LDAP directory server for authentication.
Using Active Directory to Force the User to Change Password at Next Logon
To force a user to change the user password at the next logon, specify the password-management
command in tunnel-group general-attributes configuration mode on the ASA and do the following steps
under Active Directory:
Step1 Select to Start > Programs > Administrative Tools> Active Directory Users and Computers
(Figure 67-1).
Figure67-1 Active Directory—Administrative Tools Menu
Step2 Right-click Username > Properties> Account.
Step3 Check the check box for User must change password at next logon (Figure 67-2).