Password change after expire with Cisco ASA to local FR user DB (text file) Not Working
Fajar A. Nugraha
list at fajar.net
Wed Feb 8 21:42:37 CET 2012
On Thu, Feb 9, 2012 at 3:38 AM, Will Richmond <will at bootit.com> wrote:
> Thx alan, I found/read read the docs, but still trying to determine this: Which config file contains this setting:
>
> To actually force a client to change passwords, you must set the expiry bit in the SMB-Account-Ctrl value - for example:
>
> update control {
> # U == user
> # e == expired
> SMB-Account-Ctrl-Text := '[Ue]'
> }
>
> and how can i control this on a per user basis in teh users file? IOW, i dont want to force everyone to change their password. so there must be some sort of per-user flag to configure in the users file?
any attribute that you put in the control block should also be able to
go into first line of users file (where you put Expiration earlier),
or radcheck table. see "man 5 users" and doc/rlm_sql.
--
Fajar
More information about the Freeradius-Users
mailing list