01-21-2019 05:25 PM
Hi I have a problem about Password expired date HA sync.
I have four pair of Paloalto firewall
PA-5020(7.1.8)
PA-3020(7.1.10)
PA-2050(7.1.10)*2
I config password expired in Device->Setup->Management->Minimum Password Complexity->Required Password Change Period
After the first password expired date, I change my password and find out a problem.
The situation like this
1. The password expired
2. I login the Master device, and the Master device force me to change my password.
3.Then I login the Slave device by using the new password. And the Slave Device will force me to change my password AGAIN.
(More worse situation,If you setting "Block Password Change Period" and forgot to change Slave password again,The device will lock you admin account only in the Slave Device....)
It look like the password change doing HA sync, but password expired status not doing HA sync.
Is there any solution about this problem?
01-23-2019 07:26 AM
it looks like the password age is not reset on the passive by the sync, you'll want to reach out to support or switch to external authentication so you no longer need to control these locally
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
