Expired Active Directory Passwords & Wireless Authentication
Jason Agress
Jason_Agress at newton.k12.ma.us
Wed Oct 10 01:31:13 CEST 2012
Hi all,
We're currently using Microsoft IAS for RADIUS on our Cisco managed
wireless network. We do wireless logon on our clients, which requires the
user to first authenticate to RADIUS to initiate the wireless connection,
then authenticate against Active Directory to complete the login process.
The problem we run into is when a user's password expires and RADIUS
authentication is unsuccessful; since the wireless connection cannot be
made, AD cannot be contacted to authenticate the user and, ideally, prompt
to change the password.
I've read lots about this problem with FreeRADIUS and have seen some
implied solutions, but nothing concrete. So here's my question: With
FreeRADIUS, is there a way to allow successful RADIUS authentication with
an expired password? This way the AD login process can commence and the
user can be prompted to change his/her password wirelessly.
Thanks in advance!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20121009/6fc5d7a5/attachment-0001.html>
More information about the Freeradius-Users
mailing list