MS-CHAP-V2 with no retry
Alan DeKok
aland at deployingradius.com
Fri Mar 4 16:05:19 CET 2011
James J J Hooper wrote:
...
> *** With a locked out user it does:
>
> server eduroamlocal-inner {
> Exec-Program output: Account locked out (0xc0000234)
> Exec-Program-Wait: plaintext: Account locked out (0xc0000234)
> Exec-Program: returned: 1
> rlm_eap_mschapv2: No MS-CHAPv2-Success or MS-CHAP-Error was found.
> Login incorrect (eduroamlocalmschap: External script says Account locked
But that doesn't set SMB-Acct-Ctrl = 0x400. That's needed for the
rlm_mschap module.
> * Also, each time MS-CHAP-Error seems to be prefixed with a character -
> Is that intended?
Yes. It's how MS-CHAP works.
Alan DeKok.
More information about the Freeradius-Users
mailing list