how to add MSCHAPV2 Retry Max
John.Hayward at wheaton.edu
John.Hayward at wheaton.edu
Tue May 10 18:42:43 CEST 2011
Free Radius Developers,
Can someone point me to how to:
1) add a configuration value (the retry count allowed).
2) add a state value associated with a session (current retry count).
The motivation is:
When a windows xp box is authenticating against freeradius with patches
to support retry and freeradius is configured to allow retry and the user
enters a wrong username the user is presented with a balloon which has:
====
Wireless Network Connection -- Click here to process your login
information for the network yyyy
====
The duologue window pops up with title "Re-enter Credentials"
The User name entry shows the entered username grayed out
The Password has dots for each letter entered
The Domain is grayed out
There is an Ok and Cancel button.
The user cannot correct the wrong username.
If they hit either Ok a new balloon pops up with the same info.
If they hit cancel in a while (seems about 30 sec) a new balloon pops up.
After about 2 minutes a different balloon pops up where they can enter
their credentials of User name, password and login domain.
If retry is not enabled no balloon which results in a "Re-enter
Credentials" dialog box occurs - after a long while (over 2 minutes) a
balloon pops up where the user can enter their User name, password and
login domain.
There seems to be a problem when retry is not enabled of getting the
windows client to detect there is a problem and giving up in a quicker
time frame.
That issue aside I would like to implement a retry count so that if say a
retry count of 3 the user would be presented with at most 3 "Re-enter
Credentials" dialog box before having the client go into a different
mode where it fails and then gives the user a chance to enter user name
and password.
TIA
johnh...
More information about the Freeradius-Devel
mailing list