[prev in list] [next in list] [prev in thread] [next in thread] 

List:       freeradius-users
Subject:    Re: FreeRADIUS 3 and Expired AD Passwords for Wireless Auth
From:       Alan DeKok <aland () deployingradius ! com>
Date:       2018-01-26 19:49:43
Message-ID: 1F933374-17CB-4695-BE6B-E7AF3165CAA8 () deployingradius ! com
[Download RAW message or body]

On Jan 26, 2018, at 12:34 PM, Trinklein, Jason R <trinkleinj@cofc.edu> wrote:
> 
> We are using FR3 for WPA2 Enterprise authentication to our wireless network.
> 
> We have been having issues with various user devices not prompting for new \
> passwords after the old one expires in AD. Instead, the user simply gets a message \
> that they are "unable to connect to network". This requires the user to remove the \
> network from their device and re-associate. Sometimes in Windows, the user must \
> delete and reinstall the wireless adapter.

  Do you have the mschap module configured to allow password changes?

> I'm unsure if there is something wrong with our FreeRADIUS configuration that is \
> improperly communicating the nature of the authentication failure to the user \
> devices. Does anyone have any suggestions? We are running FreeRADIUS 3 on Ubuntu \
> with winbind (not ntlm_auth) connections to our Active Directory server. It may \
> have nothing to do with our FR3 servers…is anyone else facing similar password \
> expiration challenges?

  I haven't seen any issues reported.

  Alan DeKok.


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html


[prev in list] [next in list] [prev in thread] [next in thread]