I was wrong.
In 3. it must be: set PASSWORD_CREATED=SYSDATE (EXPIRE is still 15. :))
----- Original Message -----
From: "Ferhat Dilman" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Cc: "Lutfi YUNUSOGLU" <[EMAIL PROTECTED]>
Sent: 21 Kasım 1999 Pazar 03:21
Subject: Re: (RADIATOR) Password Expiration
> Hi,
>
> Not just AuthBy SYSTEM. We are using SQL database for example.
>
> Assume that we have set the field EXPIRE=15 and WARN=3. That means every
15
> days, the user must change his/her password and probably will receive
> warning messages 3 days before. S/he may change his/her password either
last
> day thru the black terminal script screen or in a way in the web server
> (this is easy part)
>
> My solution would be:
>
> 1- Password is set. 15 days left for changing. 3 days for warning.
> EXPIRE=15, WARN=3
> 2- Every day a backend stored procedure runs for every user and will
> change/remove password which is PASSWORD_CREATED+EXPIRE>SYSDATE
> (PASSWORD_CREATED (date format, is the date password created)
> 2- User will receive warning automatically in both black screen to change
> his password, and will also receive e-mail.
> 3- user changes his password using a web interface. and set
> (EXPIRE=SYSDATE+15)
> 4- user forgets to change his password and the final day arrives. his
> password expired. when he tries to re-connect he will receive "Password
> Expired, please use guest/guestpassword account to change password"
message.
> User may connect to ONLY password-change page which is secure. After
> password changed, user may connect regularly using all services.
>
> This is my solution without (or minimal) change in radiator. What if this
> functionality is default in radius.cfg configuration items?
>
> (The minimal change would be to add request denied - password expired
> message into perl scripts and additional select statements for SQL
database)
> And I will have to add guest/guestpassword account with IP-filter into
> password-change page ONLY.
>
> My 2 cents.
>
> Best Regards,
>
> Ferhat
>
> ----- Original Message -----
> From: "Hugh Irvine" <[EMAIL PROTECTED]>
> To: "Ferhat DILMAN" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
> Cc: "Lutfi YUNUSOGLU" <[EMAIL PROTECTED]>
> Sent: 20 Kasım 1999 Cumartesi 04:23
> Subject: Re: (RADIATOR) Password Expiration
>
>
> >
> > Hello Ferhat -
> >
> > On Thu, 18 Nov 1999, Ferhat DILMAN wrote:
> > > >%_Hi,
> > >
> > > Is there a workaround/solution for password expiration in radiator?
> > >
> > > What we basically would like to do is to enable password changing in
the
> > > black terminal script screen or another way just after user gets the
> > > authentication.
> > >
> >
> > Well, we can certainly extend the use of getspnam to return some
> additional
> > information, but I'm not sure how you would go about letting the user
> change
> > his password?
> >
> > Can you be more specific?
> >
> > thanks
> >
> > Hugh
> >
> > --
> > Radiator: the most portable, flexible and configurable RADIUS server
> > anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
> > Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8,
> > NT, Rhapsody
> >
> > ===
> > Archive at http://www.thesite.com.au/~radiator/
> > To unsubscribe, email '[EMAIL PROTECTED]' with
> > 'unsubscribe radiator' in the body of the message.
>
===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
