(RADIATOR) Windows NT Users auth with trouble

John Edward Kekhan Nino jekekhan at poly.com.co
Fri Aug 24 10:20:59 CDT 2001


Hello Hugh

Thanks for your help.

Thats right I put the leading backslashes but I had other problem too.

You have to permit passing NBT traffic (137,138 and 139 tcp/udp ports)
through any firewall that you have, it was my problem.

After, you have to check the connection between the servers, use in a
command window (CMD) the following sentence
"net view \\domaincontroller" if it works you will see a user/password
window write them and press enter then you have to see the shared folders.

Check too in microsoft technet web site the message error "Network path not
found" there are some reasons why, and how resolve this problem.

Thanks


John Edward Kekhan N.
Network Manager
Polycom S.A. - Colombia
jekekhan at poly.com.co


> ----------
> De: 	Hugh Irvine[SMTP:hugh at open.com.au]
> Responder a: 	hugh at open.com.au
> Enviado el: 	Martes, 21 de Agosto de 2001 07:08 p.m.
> Para: 	John Edward Kekhan Nino; radiator at open.com.au
> Asunto: 	Re: (RADIATOR) Windows NT Users auth with trouble
> 
> 
> Hello John -
> 
> Could you please send me a copy of your users file?
> 
> I also think your AuthBy NT configuration is incorrect, as the 
> DomainController parameter must contain the leading backslashes. However,
> I 
> would not expect you to need to specify this if the Radiator host is able
> to 
> find the domain controller(s) by polling the network.
> 
> Have a look at section 6.25 in the Radiator 2.18.2 reference manual (in
> the 
> file "doc/ref.html" in the distribution).
> 
> regards
> 
> Hugh
> 
> 
> On Wednesday 22 August 2001 06:05, John Edward Kekhan Nino wrote:
> > Hello
> >
> > I have a trouble using Radiator to validate users in WindowsNT 4.0.  I
> have
> > a Server WinNT4.0 configured as stand-alone server where I have the
> > Radiator 2.18.2 and there are two WinNT servers installed as Domain
> > controllers, when I use the perl command radpwtst to check the config I
> > just obtain an error that I don`t know how to solve.
> >
> > This is my radius.cfg config
> >
> > # Radiator configuration file.
> >
> > AcctPort 1646
> > AuthPort 1645
> > DbDir E:\Radiator-2.18.2\radius
> > DictionaryFile %D\dictionary\dictionary
> > FingerProg C:\WINNT\system32\finger.exe
> > LogDir E:\Radiator-2.18.2\log
> > LogFile %L\logradius.log
> > PidFile %L\radiusd.pid
> > Trace 4
> >
> > <Client localhost>
> >   DupInterval 0
> >   Secret mysecret
> > </Client>
> >
> > <Client DEFAULT>
> >   DupInterval 0
> >   Secret mysecret
> > </Client>
> >
> > <Client TotalControl>
> >   Description totalcontrol
> >   DupInterval 2
> >   NasType TotalControl
> >   Secret xxxxxxxxxxxxxxxxxx
> > </Client>
> >
> > <Realm DEFAULT>
> >
> >     AuthByPolicy ContinueUntilReject
> >
> >     <AuthBy NT>
> >         Description Windows NT domain
> >         Domain domain1
> >         DomainController hostname1
> >         Identifier domain1
> >     </AuthBy>
> >
> >     <AuthBy NT>
> >         Description Windows NT Domain Trans
> >         Domain domain2
> >         DomainController hostname2
> >         Identifier domain2
> >     </AuthBy>
> >
> >     <AuthBy FILE>
> >         Description testing
> >         Filename %D\users
> >         Identifier FileUsers
> >     </AuthBy>
> >
> >     Description RAS
> >     RejectHasReason
> >     SessionDatabase
> > </Realm>
> >
> > <SNMPAgent >
> >   Community public
> >   Port 161
> > </SNMPAgent>
> >
> > and the logradius has the following
> >
> > Tue Aug 21 11:45:06 2001: DEBUG: Packet dump:
> > *** Received from 127.0.0.1 port 1956 ....
> > Code:       Access-Request
> > Identifier: 96
> > Authentic:  1234567890123456
> > Attributes:
> > 	User-Name = "fred"
> > 	Service-Type = Framed-User
> > 	NAS-IP-Address = 203.63.154.1
> > 	NAS-Port = 1234
> > 	Called-Station-Id = "123456789"
> > 	Calling-Station-Id = "987654321"
> > 	NAS-Port-Type = Async
> > 	User-Password =
> > "<159><249>:<201><206>\<4><246><188>8<9><160><216>}x<153>"
> >
> > Tue Aug 21 11:45:06 2001: DEBUG: Handling request with Handler
> > 'Realm=DEFAULT'
> > Tue Aug 21 11:45:06 2001: DEBUG:  Deleting session for fred,
> 203.63.154.1,
> > 1234
> > Tue Aug 21 11:45:06 2001: DEBUG: Handling with NT
> > Tue Aug 21 11:45:17 2001: DEBUG: Handling with NT
> > Tue Aug 21 11:45:19 2001: DEBUG: Handling with Radius::AuthFILE
> > Tue Aug 21 11:45:19 2001: DEBUG: Radius::AuthFILE looks for match with
> fred
> > Tue Aug 21 11:45:19 2001: DEBUG: Radius::AuthFILE REJECT: Bad Password
> > Tue Aug 21 11:45:19 2001: DEBUG: Radius::AuthFILE looks for match with
> > DEFAULT
> > Tue Aug 21 11:45:19 2001: DEBUG: Handling with NT
> > Tue Aug 21 11:45:19 2001: DEBUG: Radius::AuthFILE REJECT: NT
> GetAttributes
> > failed: 53: The network path was not found.
> >
> >
> >
> > Tue Aug 21 11:45:19 2001: DEBUG: Radius::AuthFILE looks for match with
> > DEFAULT1
> > Tue Aug 21 11:45:19 2001: DEBUG: Handling with NT
> > Tue Aug 21 11:45:19 2001: DEBUG: Radius::AuthFILE REJECT: NT
> GetAttributes
> > failed: 53: The network path was not found.
> >
> >
> >
> > Tue Aug 21 11:45:19 2001: INFO: Access rejected for fred: NT
> GetAttributes
> > failed: 53: The network path was not found.
> >
> >
> >
> > Tue Aug 21 11:45:19 2001: DEBUG: Packet dump:
> > *** Sending to 127.0.0.1 port 1956 ....
> > Code:       Access-Reject
> > Identifier: 96
> > Authentic:  1234567890123456
> > Attributes:
> > 	Reply-Message = "NT GetAttributes failed: 53: The network path was
> > not found.<13><10>"
> >
> > Tue Aug 21 11:45:19 2001: DEBUG: Packet dump:
> > *** Received from 127.0.0.1 port 1956 ....
> > Code:       Accounting-Request
> > Identifier: 97
> > Authentic:  <229><221><171>T<236>.<16>ua<254>@<14><173><134><247>$
> > Attributes:
> > 	User-Name = "fred"
> > 	Service-Type = Framed-User
> > 	NAS-IP-Address = 203.63.154.1
> > 	NAS-Port = 1234
> > 	NAS-Port-Type = Async
> > 	Acct-Session-Id = "00001234"
> > 	Acct-Status-Type = Start
> > 	Called-Station-Id = "123456789"
> > 	Calling-Station-Id = "987654321"
> >
> > Tue Aug 21 11:45:19 2001: DEBUG: Handling request with Handler
> > 'Realm=DEFAULT'
> > Tue Aug 21 11:45:19 2001: DEBUG:  Adding session for fred, 203.63.154.1,
> > 1234
> > Tue Aug 21 11:45:19 2001: DEBUG: Handling with NT
> > Tue Aug 21 11:45:19 2001: DEBUG: Handling with NT
> > Tue Aug 21 11:45:19 2001: DEBUG: Handling with Radius::AuthFILE
> > Tue Aug 21 11:45:19 2001: DEBUG: Accounting accepted
> > Tue Aug 21 11:45:19 2001: DEBUG: Packet dump:
> > *** Sending to 127.0.0.1 port 1956 ....
> > Code:       Accounting-Response
> > Identifier: 97
> > Authentic:  <229><221><171>T<236>.<16>ua<254>@<14><173><134><247>$
> > Attributes:
> >
> > Tue Aug 21 11:45:19 2001: DEBUG: Packet dump:
> > *** Received from 127.0.0.1 port 1956 ....
> > Code:       Accounting-Request
> > Identifier: 98
> > Authentic:  <218>[bYZ<202><149>9<166><251><142><238><140>V<212>M
> > Attributes:
> > 	User-Name = "fred"
> > 	Service-Type = Framed-User
> > 	NAS-IP-Address = 203.63.154.1
> > 	NAS-Port = 1234
> > 	NAS-Port-Type = Async
> > 	Acct-Session-Id = "00001234"
> > 	Acct-Status-Type = Stop
> > 	Called-Station-Id = "123456789"
> > 	Calling-Station-Id = "987654321"
> > 	Acct-Delay-Time = 0
> > 	Acct-Session-Time = 1000
> > 	Acct-Input-Octets = 20000
> > 	Acct-Output-Octets = 30000
> >
> > Tue Aug 21 11:45:19 2001: DEBUG: Handling request with Handler
> > 'Realm=DEFAULT'
> > Tue Aug 21 11:45:19 2001: DEBUG:  Deleting session for fred,
> 203.63.154.1,
> > 1234
> > Tue Aug 21 11:45:19 2001: DEBUG: Handling with NT
> > Tue Aug 21 11:45:19 2001: DEBUG: Handling with NT
> > Tue Aug 21 11:45:19 2001: DEBUG: Handling with Radius::AuthFILE
> > Tue Aug 21 11:45:19 2001: DEBUG: Accounting accepted
> > Tue Aug 21 11:45:19 2001: DEBUG: Packet dump:
> > *** Sending to 127.0.0.1 port 1956 ....
> > Code:       Accounting-Response
> > Identifier: 98
> > Authentic:  <218>[bYZ<202><149>9<166><251><142><238><140>V<212>M
> > Attributes:
> >
> > What does the following message mean? Reply-Message = "NT GetAttributes
> > failed: 53: The network path was not found.<13><10>"
> >
> > Do I have to config trusted relations between all three WinNT servers?
> >
> >
> > John Edward Kekhan N.
> > Network Manager
> > Polycom S.A.
> > jekekhan at poly.com.co
> > ===
> > Archive at http://www.open.com.au/archives/radiator/
> > Announcements on radiator-announce at open.com.au
> > To unsubscribe, email 'majordomo at open.com.au' with
> > 'unsubscribe radiator' in the body of the message.
> 
> -- 
> Radiator: the most portable, flexible and configurable RADIUS server 
> anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
> -
> Nets: internetwork inventory and management - graphical, extensible,
> flexible with hardware, software, platform and database independence.
> 
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list