Problem with NT Authentication

gionata.lamia at t-systems.it gionata.lamia at t-systems.it
Thu Jan 24 05:48:33 CST 2002 

Hi all,
I've  a big problem, I would like to use Radiator to switch the RAS
authentication requests to a NT server . Radiator is installed on Linux
server.
If in the RADIUS.CFG file I add the "NoCheckPassword" parameter the
 authentication takes place, otherwise on the Log of the RADIUS I have this
 error message:

"INFO: Access rejected for domain\user: NT Authentication failed: Server
Error (1)"

on my Cisco AS5300 i've codified to use chap, pap and ms-chap for PPP
authentication. I don't know because this happen, on the event view of NT
there is no errors messages.
This is my radius.cfg :

<AuthBy NT>
                Identifier NT
                # You must set the domain name here to suit your site:
                Domain administrator

                # ON NT, optionally specify the name of the
                # Primary Domain Controller, including the leading
                # \\ slashes, to override the default domain controller
                # for the domain you specified above
#               DomainController \\romeo

                # On Unix, you MUST specify the Domain Controller
                # name as the NT host name of the domain controller:
                # its not optional. This needs to be set to the NT
                # name of the Primary Domain Controller, and further
                # the NT name must be in the Unix hosts or DNS
                DomainController server.domain.it

                # On NT, you can optionally check the
                # "Grant dialin permission to user" flag in the
                # user manager. Requires the
                # Win32-RasAdmin Perl package to be installed first
                # HonourDialinPermission

                # This will set up some standard reply items for
                # your NAS, you may need others for your NAS
                DefaultReply Service-Type=Framed-User,Framed-Protocol=PPP
#               NoCheckPassword
</AuthBy>

<AuthBy DYNADDRESS>
        Identifier All-NT
        Allocator SQLAllocator
        PoolHint pool-NT
</AuthBy>

<Realm DEFAULT>
        RejectHasReason
        AuthByPolicy ContinueWhileAccept
        AuthBy NT
        AuthBy All-NT
</Realm>

Could anyone help me ?
Please !!!

Gionata Lamia

Networking Services/Systems Integrations
T-Systems Italia S.p.A.
Strada 2 Palazzo D
20090 - Assago - MI
Phone: +39 02 89248240
Fax: +39 02 89248231
Mobile: +39 348 4521210
e-mail: Gionata.Lamia at T-Systems.it
Internet: http://www.T-Systems.it

-------------------------------------------------------

-- 
Mike McCauley                               mikem at open.com.au
Open System Consultants Pty. Ltd            Unix, Perl, Motif, C++, WWW
24 Bateman St Hampton, VIC 3188 Australia   http://www.open.com.au
Phone +61 3 9598-0985                       Fax   +61 3 9598-0955

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, Active Directory etc etc 
on Unix, Win95/8, 2000, NT, MacOS 9, MacOS X
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list