Does anyone know which radius servers actually work with the password history n-2 feature in Active Directory?
>From the link below... "This new feature is sometimes called password history n-2. The most recent previous password is referred as n-1. The next most recent is n-2. Not all authentication<http://social.technet.microsoft.com/wiki/contents/articles/16757.active-directory-glossary.aspx#Authentication> types will take advantage of this new feature. Kerberos<http://social.technet.microsoft.com/wiki/contents/articles/16757.active-directory-glossary.aspx#Kerberos> and NTLM<http://social.technet.microsoft.com/wiki/contents/articles/20580.wiki-glossary-of-technology-acronyms.aspx#NTLM> authentication protocols support password history n-2. These protocols are used when either a password or smart card is used for interactive logon. Other protocols, such as RADIUS<http://social.technet.microsoft.com/wiki/contents/articles/20580.wiki-glossary-of-technology-acronyms.aspx#RADIUS> and PEAP, may or may not increment badPwdCount when a bad password is attempted. Some protocols do not forward bad password attempts to the PDC Emulator. That might explain why phone users can get locked out if the phone attempts repeatedly to authenticate with a bad password." http://social.technet.microsoft.com/wiki/contents/articles/32490.active-directory-bad-passwords-and-account-lockout.aspx#Account_Lockout_in_Windows_TwoThousandThree_and_Above Thanks Trent Trenton Hurt, CWNA,CWDP,CWSP,CWAP,CCNP(W),CCNA(W),CCNA(V),CCNA(R/S) Wireless Network Administrator University of Louisville Phone (502) 852-1513 FAX (502) 852-1424 Wireless.louisville.edu<wireless.louisville.edu> ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
