Windows client MS-chap auto-reauthentication
Arran Cudbard-Bell
a.cudbard-bell at sussex.ac.uk
Sun Oct 18 23:36:01 CEST 2009
Alan Buxey wrote:
> hi,
>
> XP caches successful connections - Vista does too IIRC so I'm not
> sure why you are seeing different behaviour.. anyhow..you can clear
> the credentials by blatting a registry on eg logout or login.
> the RADIUS server wont see the difference between std login and
> cached login as the client sends the same stuff.
>
> regarding theft. you are using EAP-TLS with client certs? in that case,
> you can simply revoke that client cert. the joys of using PKI
>
> alan
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
The windows supplicant should remove cached credentials if you return an
EAP-Failure before the
EAP type is negotiated.
Have fun implementing that in a none disruptive way :)
-Arran
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 258 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20091018/cc72a702/attachment.pgp>
More information about the Freeradius-Users
mailing list