User password expired when gateway is configured to RADIUS authentication.

Document ID : KB000047651
Last Modified Date : 14/02/2018
Show Technical Document Details

Issue:

User logon fails with password expired warning when Gateway is configured to RADIUS Authentication.

#ssh user1@ip_address
Layer 7 Gateway 9.0.00
user1@ip_address password:
You are required to change your password immediately (password aged)
Creating directory '/home/user1'.
WARNING: Your password has expired.
You must change your password now and login again!
Changing password for user user1'.
Changing password for user1'.
(current) UNIX password:

Environment:

CA API Gateway 8.4, 9.0, 9.1

Cause:

As the local account password on the linux server has expired, the user1 is not able to authenticate with RADIUS even though the user tries to logon with the RADIUS user store password.

Resolution:

Disable account expiry for user1 by running this command

chage -M -1 user1