On 06/12/2012 06:47 PM, CD DD wrote:
Exec-Program output: Must change password (0xc0000224)
Exec-Program-Wait: plaintext: Must change password (0xc0000224)
Ok. ntlm_auth is returning something different to what I saw in testing.
Have you set the "must change password at next login" bit, as opposed to
"expired" bit?
Try this:
1. Edit src/modules/rlm_mschap/rlm_mschap.c about line 1100, where it
says:
if (strstr(buffer, "Password expired")) {
...to read:
if (strstr(buffer, "Password expired") ||
strstr(buffer, "Must change password")) {
2. Re-compile and re-install
3. Test again
There's no great way to parse the output of ntlm_auth. I guess we could
make the string a regexp comparison against the output, and at least
make it an item in the config file (with a sensible default) so that if
more such cases come up, or Samba change their output, it can be fixed
without a recompile.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
