eap-peap username/password problem
devesh gade
deveshgade152003 at gmail.com
Mon Jun 8 13:49:37 CEST 2009
hi alan,
>Windows caches the EAPOL credentials for that network after
>a successful connection.
Thanks for confirming,I had thought so.
I would like to inform you that i am working on the server side and not the
client side.Hence it is not feasible to change the registry entry of every
client.
> you could have a logout script that wipes the EAPOL stuff..
is there any way to write this logout script at the server side and execute
it at the client?
Also,is there any other way so that the client is asked his
username/password every time he tries to connect to the network?
Is there any change to be made to the eap.conf file in the tls{} cache{}
section so that this problem may be solved?
The relevant portion of my eap.conf file is:
#
# Session resumption / fast reauthentication
# cache.
#
cache {
#
# Enable it. The default is "no".
# Deleting the entire "cache" subsection
# Also disables caching.
#
# You can disallow resumption for a
# particular user by adding the following
# attribute to the control item list:
#
# Allow-Session-Resumption = No
#
# If "enable = no" below, you CANNOT
# enable resumption for just one user
# by setting the above attribute to "yes".
#
enable = no
#
# Lifetime of the cached entries, in hours.
# The sessions will be deleted after this
# time.
#
lifetime = 1 # hours
#
# The maximum number of entries in the
# cache. Set to "0" for "infinite".
#
# This could be set to the number of users
# who are logged in... which can be a LOT.
#
max_entries = 255
}
2009/6/8 <A.L.M.Buxey at lboro.ac.uk>
> Hi,
>
> > my problem is that once the users are connected to the server,they are
> not
> > asked for a username/password when they try to connect after logging out
> of
> > the network.the username/password that was used to connect to network
> > initially, is used automatically for subsequent purposes to connect to
> the
> > network.
>
> correct. Windows caches the EAPOL credentials for that network after
> a successful connection.
>
> you could have a logout script that wipes the EAPOL stuff..
>
>
>
> REGEDIT4
>
> [-HKEY_CURRENT_USER\Software\Microsoft\Eapol\UserEapInfo]
>
> alan
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
--
Tough times dont last,Tough People Do.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20090608/53e839fc/attachment.html>
More information about the Freeradius-Users
mailing list