(ASCEND) FYI - Y2K on Radius with Expiration Date - 00/00/00

To: Ascend User-Group <ascend-users@bungi.com>
Subject: (ASCEND) FYI - Y2K on Radius with Expiration Date - 00/00/00
From: "Kevin A. Smith" <kevin@ascend.com>
Date: Fri, 29 May 1998 17:48:57 -0700
Sender: owner-ascend-users@max.bungi.com

>From: Willie Meagher
>
>I just tested the following profile in Radius on a SPARC with the date set
>to Feb 29 2000
>
>aging     Password = "willie", Ascend-PW-Expiration = "00/00/00"
>     Ascend-PW-Lifetime = 30,
>     User-Service = Framed-User,
>     Framed-Protocol = PPP,
>     Ascend-Assign-IP-Pool = 1
>
>When I logged in, I was successfully authenticated via Radius.  When using
>the DEFAULT Expiration Date of 00/00/00,
>it appears that Radius assumes that the Ascend-PW-Expiration date is the
>CURRENT date and allows the user to log in.
>When using an Expiration Date of 00/00/00, the user's password will never
>expire.
>
> It appears that the documentation is incorrect where it says:
>"When the MAX makes an authentication request, the RADIUS server checks the
>current date against the value of Ascend-PW-Expiration. If the date of the
>authentication request is the same date or a later date than the value of
>Ascend-PW-Expiration, the user receives a message saying the password has
>expired"
>
>From my testing, the password only expires if the current date is a *later*
>date than the value of Ascend-PW-Expiration.
>
>I also tested the following profile Radius server running on a SPARC with
>the current date set to May 28 1998
>
>aging     Password = "willie", Ascend-PW-Expiration = "May 27 1998""
>     Ascend-PW-Lifetime = 600,
>     User-Service = Framed-User,
>     Framed-Protocol = PPP,
>     Ascend-Assign-IP-Pool = 1
>
>When I logged into the Radius server, I was challenged to enter a new
>password.  When I changed my password, the new expiration date was set to
>today's date + value of Ascend-PW-Lifetime (600 days).  My new
>Expiration-Date was set to Jan 18 2000
>
>aging     Password = "willie", Ascend-PW-Expiration = "Jan 18 2000"
>     Ascend-PW-Lifetime = 600,
>     User-Service = Framed-User,
>     Framed-Protocol = PPP,
>     Ascend-Assign-IP-Pool = 1
>
>I successfully logged into Radius using this profile and the new Expiration
>date.
>
>Changes needed to documentation
>
>1    The year does not need to start with 19, it can be set to 2000
>
>2    The password only expires when the current date is a later date than
>the value of Ascend-PW-Expiration
>
>3    The default value of 00/00/00 - means no expiration date.
>
>Willie


Kevin Smith			Ascend Communications...
Customer Satisfaction	...where Network Solutions never end.

++ Ascend Users Mailing List ++
To unsubscribe:	send unsubscribe to ascend-users-request@bungi.com
To get FAQ'd:	<http://www.nealis.net/ascend/faq>

Prev by Date: Re: (ASCEND) v.90 release version? when?
Next by Date: Re: (ASCEND) v.90 release version? when?
Prev by thread: (ASCEND) DBACORE messages in debug mode?
Next by thread: (ASCEND) GRF's quit responding to SNMP.
Index(es):
- Main
- Thread