[ previous ] [ next ] [ threads ]
 From:  "Seth Martin" <SethM at turbinegenerator dot com>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] Radius and Active Directory Passwd Changes
 Date:  Wed, 5 Oct 2005 12:24:51 -0400
I use windows Inet Auth Service for radius, when I force a user to
change his pass it comes up in the windows PPTP client as needing to
reset the password but when I put in the old and new with confirmation
and then I get an error 691 saying that I couldn't authenticated and it
fails.  Thing that worries me more is how long will it take a password
reset to populate down through group policy and what not to the
computer.  I think I might just switch everyone to OVPN and use
certificates instead.

-----Original Message-----
From: Jonathan De Graeve [mailto:Jonathan dot De dot Graeve at imelda dot be] 
Sent: Wednesday, October 05, 2005 11:26 AM
To: Seth Martin; m0n0wall at lists dot m0n0 dot ch
Subject: RE: [m0n0wall] Radius and Active Directory Passwd Changes

Don't know if it can be done.

First you have to know how to do this between radius-server and active

The next-step is to integrate it in m0n0 and I also think the PPTP
server should support it.

PS Which radius-server do you use?


Jonathan De Graeve
Network/System Administrator
Imelda vzw
Informatica Dienst
jonathan dot de dot graeve at imelda dot be

Always read the manual for the correct way to do things because the
number of incorrect ways to do things is almost infinite

-----Oorspronkelijk bericht-----
Van: Seth Martin [mailto:SethM at turbinegenerator dot com] 
Verzonden: woensdag 5 oktober 2005 16:40
Aan: m0n0wall at lists dot m0n0 dot ch
Onderwerp: [m0n0wall] Radius and Active Directory Passwd Changes

Can this be done, I use the pptp server in m0n0 for my vpn server and
radius against the active directory to authenticate the users but I want
to beef up the security policy with requiring passwords be changed every
30 days, however when I set a user to change their password on next
logon and connect to the pptp it asks for a new password but the change
doesn't go through.  Also since I am using WinXP's PPTP client and the
laptops are joined to the domain they really need to update their cached
credentials, anyone have an experience with a setup like this and ways
they had to configure either the server or laptop to function.


Seth Martin - IT Department
Office Network Administrator

Office: (239) 549-7500 | Cell: (239) 699-4743
Turbine Generator Maintenance
Gas Turbine Maintenance
4635 Coronado Parkway, Suite 7
Cape Coral, FL 33904
sethm at turbinegenerator dot com