EAP-PEAP + Windows 7 with SSO and Password change
Alan DeKok
aland at deployingradius.com
Wed Jun 13 08:41:57 CEST 2012
CD DD wrote:
>> The MSCHAP password change code looks for the string "Password expired"
>> in the output of the ntlm_auth command. If your ntlm_auth is printing
>> something different, it'll just assume it's a regular failure.
>
> Sure, here are the Debug output:
Which doesn't contain the string "Password expired". That's why it's
failing.
> Exec-Program output: Must change password (0xc0000224)
> Exec-Program-Wait: plaintext: Must change password (0xc0000224)
> Exec-Program: returned: 1
Phil already explained this. The debug log (while large) is pretty
clear on this.
I'll take a look to see if it can be fixed before the next release.
Alan DeKok.
More information about the Freeradius-Users
mailing list