[ previous ] [ next ] [ threads ]
 
 From:  "Seth Martin" <SethM at turbinegenerator dot com>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] Radius and Active Directory Passwd Changes
 Date:  Wed, 5 Oct 2005 12:24:51 -0400 
I use windows Inet Auth Service for radius, when I force a user to
change his pass it comes up in the windows PPTP client as needing to
reset the password but when I put in the old and new with confirmation
and then I get an error 691 saying that I couldn't authenticated and it
fails.  Thing that worries me more is how long will it take a password
reset to populate down through group policy and what not to the
computer.  I think I might just switch everyone to OVPN and use
certificates instead.

-----Original Message-----
From: Jonathan De Graeve [mailto:Jonathan dot De dot Graeve at imelda dot be] 
Sent: Wednesday, October 05, 2005 11:26 AM
To: Seth Martin; m0n0wall at lists dot m0n0 dot ch
Subject: RE: [m0n0wall] Radius and Active Directory Passwd Changes

Don't know if it can be done.

First you have to know how to do this between radius-server and active
directory

The next-step is to integrate it in m0n0 and I also think the PPTP
server should support it.

PS Which radius-server do you use?

J.

-- 
Jonathan De Graeve
Network/System Administrator
Imelda vzw
Informatica Dienst
015/50.52.98
jonathan dot de dot graeve at imelda dot be

---------
Always read the manual for the correct way to do things because the
number of incorrect ways to do things is almost infinite
---------

-----Oorspronkelijk bericht-----
Van: Seth Martin [mailto:SethM at turbinegenerator dot com] 
Verzonden: woensdag 5 oktober 2005 16:40
Aan: m0n0wall at lists dot m0n0 dot ch
Onderwerp: [m0n0wall] Radius and Active Directory Passwd Changes

Can this be done, I use the pptp server in m0n0 for my vpn server and
radius against the active directory to authenticate the users but I want
to beef up the security policy with requiring passwords be changed every
30 days, however when I set a user to change their password on next
logon and connect to the pptp it asks for a new password but the change
doesn't go through.  Also since I am using WinXP's PPTP client and the
laptops are joined to the domain they really need to update their cached
credentials, anyone have an experience with a setup like this and ways
they had to configure either the server or laptop to function.

 

Seth Martin - IT Department
Office Network Administrator

Office: (239) 549-7500 | Cell: (239) 699-4743
Turbine Generator Maintenance
Gas Turbine Maintenance
4635 Coronado Parkway, Suite 7
Cape Coral, FL 33904
sethm at turbinegenerator dot com