No it is not possible, according to MS at least. Their article is at http://support.microsoft.com/default.aspx?scid=kb;en-us;823731
You could create a login script that resets the registry everytime someone logs in. You could also provide your users with a NAL object or some other deployed mechanism to do this if they want to change credentials. An easy way to clear the username on the fly (especially for testing) is to use a .reg file. Create a file called UserEapInfo.reg file and paste in the following information: REGEDIT4 [-HKEY_CURRENT_USER\Software\Microsoft\Eapol\UserEapInfo] Now double click on the file to merge it. This will delete the existing info and you will be prompted again. I got this solution came from www.jsiinc.com and it works a treat. Peter -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Khurram Jahangir Sent: Friday, 15 October 2004 12:14 AM To: [EMAIL PROTECTED] Subject: PEAP with MSCHAPV2 (windows xp remembers the username/password in cache) Hi All, I have set up freeradius server 1.0.1 and I am using windows XP 802.1x client. The authenticator is an HP 2524 switch. I have test the setup with PEAP using MSCHAP V2 and it worked fine for me. My problem is that I want to use this mechanism for VLAN selection so that depending on the username/password, the user gets the VLAN from the freeradius server. Now the problem here is that windows xp stores the username and password in the cache and in case user wants to get reauthenticated to and get assigned to another vlan, the username/password should be entered again. I can go in registry and delete the file and in that case, when I reconnect the client, I will be asked to enter the username/password. I wonder if it is possible to tell windows not to store the username/password in the cache. May be any of you knows about this. I dont know may be I can set some parameter in radisu configuration that trigers the windows xp 802.1x client to enter the username and password everytime the user connects the computer to the network. Probably someone knows about an open source 802.1x client which works for windows and linux both. I will really appreciate any kind of help regarding this. Best Regards Khurram __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
