MS-CHAP-V2 with no retry
Alan DeKok
aland at deployingradius.com
Fri Mar 4 09:55:50 CET 2011
John.Hayward at wheaton.edu wrote:
> I am asking that it be configurable as to how many retries are allowed
> (eg how many E=691 R=1) before a no retries failed authentication
> message (E=691 R=0) is sent.
The answer here is to use a database. FreeRADIUS doesn't keep track
of any long-term data. It uses a database.
> If a no retries failed authentication message (E=691 R=0) is sent I
> believe that that the apple device to re-prompt the user to update the
> password.
If you want to set "E=691 R=0", you can use "unlang" in the
"post-auth-type Reject" section to re-write the attribute.
Alan DeKok.
More information about the Freeradius-Users
mailing list