MS-CHAP-V2 with no retry
Phil Mayers
p.mayers at imperial.ac.uk
Fri Mar 4 00:09:42 CET 2011
>
> It has been reported that if the Microsoft NPS server is configured
> for no retries (E=691 R=0) that mac/iphones/ipads then act like
> windows xp machines in that they report to the user that the password
> needs attention.
>
> Would it be possible to modify rlm_mschap.c to be conigured as to how
> many retries were allowed before returning authentication failure
> with no retry?
Obviously it's possible. It's not clear it would help though; are you
using plain MS-CHAP or EAP-MSCHAP?
Can you explain what you're trying to accomplish; I didn't really
understand your email in full (not sure what the stuff about Macs was
all about; not sure whether "change password" means "user tries again
with a different password string" or "user executes the change-password
protocol because their old one has expired)
More information about the Freeradius-Users
mailing list