Attribute MS-CHAP-Error
nicolas.clo at ricoh-industrie.fr
nicolas.clo at ricoh-industrie.fr
Tue Jan 21 13:59:39 CET 2014
Hi all,
Before Freeradius 3, I could sucessfully log the attribute Module-Failure-Message to catch many
errors of ntlm_auth.
In Freeradius 3 , if a user must change his password, the Module-Failure-Message return nothing (it
doesn't yet exist )
Maybe it's with the new support of Change password in module mschap ??!
My question is, how I can catch this error ?
I try with the attribute MS-CHAP-Error but it the same result
In log below, attribute doesn't yet exist when I try to catch him
(16) log_mschap_error log_mschap_error {
(16) ? if (MS-CHAP-Error =~ /.*Password expired.*/i)
(16) ERROR: Failed retrieving values required to evaluate condition
(16) } # log_mschap_error log_mschap_error = updated
(16) } # Post-Auth-Type REJECT = updated
} # server inner-tunnel
(16) eap_peap : Got tunneled reply code 3
MS-CHAP-Error = '\tE=648 R=0 C=6833f9aa49b2f6bcc7dd53241f906cc7 V=3 M=Password Expired'
EAP-Message = 0x04090004
Message-Authenticator = 0x00000000000000000000000000000000
(16) eap_peap : Got tunneled reply RADIUS code 3
MS-CHAP-Error = '\tE=648 R=0 C=6833f9aa49b2f6bcc7dd53241f906cc7 V=3 M=Password Expired'
EAP-Message = 0x04090004
Message-Authenticator = 0x00000000000000000000000000000000
Thanks.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140121/7746cb1c/attachment.html>
More information about the Freeradius-Users
mailing list