Expired Active Directory Passwords & Wireless Authentication

Jason Agress Jason_Agress at newton.k12.ma.us
Wed Oct 10 13:48:40 CEST 2012


Thanks, that makes sense. Just out of curiosity, which types of clients
typically support the MSCHAP password change? Does Windows?

Alan Buxey <A.L.M.Buxey at lboro.ac.uk> writes:
>No.
>
>You cannot do a successful auth against an incorrect password as you
>haven't got agreement from both ends and therefore no keying material
>required for WPA-RADIUS...therefore no key for the wireless association.
>Password change can only be performed INSIDE the PEAP negotiation. As has
>already been said, latest version already supports this...some clients do
>to.
>
>alan
>--
>This smartphone uses free WiFi around the world with eduroam, now that's
>what I call smart.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20121010/7a5bbf43/attachment.html>


More information about the Freeradius-Users mailing list