Hello Ferhat -
On Sun, 21 Nov 1999, Ferhat Dilman wrote:
> Hi,
>
> Not just AuthBy SYSTEM. We are using SQL database for example.
>
> Assume that we have set the field EXPIRE=15 and WARN=3. That means every 15
> days, the user must change his/her password and probably will receive
> warning messages 3 days before. S/he may change his/her password either last
> day thru the black terminal script screen or in a way in the web server
> (this is easy part)
>
> My solution would be:
>
> 1- Password is set. 15 days left for changing. 3 days for warning.
> EXPIRE=15, WARN=3
> 2- Every day a backend stored procedure runs for every user and will
> change/remove password which is PASSWORD_CREATED+EXPIRE>SYSDATE
> (PASSWORD_CREATED (date format, is the date password created)
> 2- User will receive warning automatically in both black screen to change
> his password, and will also receive e-mail.
> 3- user changes his password using a web interface. and set
> (EXPIRE=SYSDATE+15)
> 4- user forgets to change his password and the final day arrives. his
> password expired. when he tries to re-connect he will receive "Password
> Expired, please use guest/guestpassword account to change password" message.
> User may connect to ONLY password-change page which is secure. After
> password changed, user may connect regularly using all services.
>
> This is my solution without (or minimal) change in radiator. What if this
> functionality is default in radius.cfg configuration items?
>
> (The minimal change would be to add request denied - password expired
> message into perl scripts and additional select statements for SQL database)
> And I will have to add guest/guestpassword account with IP-filter into
> password-change page ONLY.
>
Now you have confused me - it looks like you have already solved the problem?
Just to clarify things, what would you like to see added to Radiator?
thanks
Hugh
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8,
NT, Rhapsody
===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
