(RADIATOR) Auth by NT group & Radius rejects expired passwords
Hugh Irvine
hugh at open.com.au
Fri Jul 12 03:47:50 CDT 2002
Hello Richard -
Please send only text to the Radiator mailing list (see below).
Your configuration file looks OK - can you please send me a trace 4 debug
showing what is happening?
regards
Hugh
On Thu, 11 Jul 2002 19:15, Richard_Challinor at kaz.com.au wrote:
> <FONT face="Default Sans Serif, Verdana, Arial, Helvetica, sans-serif"
> size=2><DIV>Hugh</DIV><DIV> </DIV><DIV>I made the changes as sugested.
> I used the sample cfg file you sent me previouly and used the examples Ash
> provided us. When using radius pwtest it checks the username and password
> aganist NT domain OK. But still dose not check if the user is in the NT
> group. Could you have a look at our new config files attached and tell
> us were we are going
> wrong.</DIV><DIV> </DIV><DIV>Thanks</DIV><DIV>Richard
> Challinor </DIV><DIV> </DIV><DIV> </DIV><DIV> </DIV><DI
>V> </DIV><DIV><BR> </DIV><FONT
> color=#990099>-----owner-radiator at open.com.au wrote:
> -----<BR><BR></FONT>To: Richard_Challinor at kaz.com.au,
> radiator at open.com.au<BR>From: owner-radiator at open.com.au<BR>Date:
> 06/29/2002 09:00AM<BR>Subject: Re: (RADIATOR) Auth by NT group & Radius
> rejects expired passwords<BR><BR><PRE>Hello Richard -I notice that Ashley
> Kent has already sent you an example (thanks Ash).You should also note that
> there is a patched version of AuthNT.pm for Radiator 3.1 that implements a
> number of new flags for dealing with password expiry, etc.Finally, there is
> usually no way to prompt a client for anything as the dialup client doesn't
> display any return messages (ie: Microsoft).regardsHughOn Fri, 28 Jun 2002
> 15:16, Richard_Challinor at kaz.com.au wrote:> We would like Radiator to
> auth to an NT group on the Domain. But we are> unsure of how to get it
> working. We have been trying to use the Group => XXX, but we must have
> the syntax wrong. If we could get an example> Radius.cfg to copy from
> someone it would help heaps.>> We also have an issue were Radiator
> rejects expired passwords for clients> logging on. Is there a way to
> have the client prompted to change the> expired password when dialing
> in.>> I have included a copy of our radius.cfg. Please make
> explanations simple> as we are newbies. :-)>> Thanks>
> Richard>>> # define AuthBy clauses>> <Realm
> DEFAULT>> <AuthBy NT>>> Identifier CheckPrimary>
> Domain KWI_CSBP> DomainController KWI_NT5>>
> </AuthBy>>> <AuthBy NT>> Identifier CheckBackup>
> Domain KWI_CSBP> DomainController KWDRPNT01>>
> </AuthBy>>>> <AuthBy NT>>
> AddToReply Service-Type = Framed-User, \> Framed-Protocal =
> PPP, \> Framed-IP-Address = 255.255.255.254, \>
> Framed-IP-Netmask = 255.255.255.255> </AuthBy>>> # Log
> accounting to a detail file> AcctLogFileName %L/detail>>
> </Realm>>>>> ===> Archive at <a
> href="http://www.open.com.au/archives/radiator/"
> target=blank>http://www.open.com.au/archives/radiator/</a>>
> Announcements on radiator-announce at open.com.au> To unsubscribe, email
> 'majordomo at open.com.au' with> 'unsubscribe radiator' in the body of the
> message.-- Radiator: the most portable, flexible and configurable RADIUS
> serveranywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS
> X.-Nets: internetwork inventory and management - graphical,
> extensible,flexible with hardware, software, platform and database
> independence.===Archive at <a
> href="http://www.open.com.au/archives/radiator/"
> target=blank>http://www.open.com.au/archives/radiator/</a>Announcements on
> radiator-announce at open.com.auTo unsubscribe, email 'majordomo at open.com.au'
> with'unsubscribe radiator' in the body of the message.</PRE></FONT>
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list