16 Nov
2012
16 Nov
'12
11:36 a.m.
On 16/11/12 14:08, Carlos Velasco wrote:
On 16/11/12 11:43, Carlos Velasco wrote:
I don't see LM hashes allowed in the Radius attributes for password change. Don't seem Cisco using them.
Sorry yes ignore me; I'm being dumb.
Ok. After further findings... it is a bug in Cisco IOS router version 15.1M. Downgrading to 15.0M works fine.
I have seen that after "Password change successful", the module tries to authenticate the user again but with wrong password, I suppose. "Logon failure".
That's supposed to work. The "change password" code modifies the request in-place and falls through to the auth code. It might be that "ntlm_auth / Samba" haven't "caught up" with the password change, if it's slow to replicate.