On Tue, 25 Jun 2002 20:39:04 +0200, [EMAIL PROTECTED] wrote: >what i'm really looking for is a way to set expiry of a password to say >20 days and then get the user to have to change his password. any ideas
This is not so easy to do, and radius itself doesn't do that. The fact is: if a password is expired (say using the expiration attribute), radius will not let the user get in and this will prevent him from changing its own password. How can a user change his password if he's unable to log on? The solution: use the expiration attribute, but query it peridocally with a self-made script at your crontab, for instance on a daily basis. This script would eventually check for users whose password will expire within' some time, and after a deadline is reached (1 week is a good time), your script will warn the user, send a e-mail or whatever means, but let the user know that his (or her, sorry for my bad english) password will expire. WHEN the user change his password, remember to change the expiration attribute, so the user can log after the initial time of expiration. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
