[ previous ] [ next ] [ threads ]
 From:  Chris Buechler <cbuechler at gmail dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Radius and Active Directory Passwd Changes
 Date:  Fri, 7 Oct 2005 02:22:14 -0400
On 10/5/05, Seth Martin <SethM at turbinegenerator dot com> wrote:
> I use windows Inet Auth Service for radius, when I force a user to
> change his pass it comes up in the windows PPTP client as needing to
> reset the password but when I put in the old and new with confirmation
> and then I get an error 691 saying that I couldn't authenticated and it
> fails.

I believe this is a major gotcha with IAS.  I recall reading in
Cisco's documentation somewhere that if a user must change their
password (expired, or forced change) and is authenticating via IAS,
they'll be stuck and not able to log in.  I believe they claimed it
was an issue in that passwords can't be changed over IAS RADIUS.