(RADIATOR) Problem with NT Authentication

Hugh Irvine hugh at open.com.au
Thu Jan 24 15:27:35 CST 2002


Hello Gionata -

You will need to use PAP authentication with NT.

If you still have a problem, please send me a trace 4 debug from Radiator 
showing what is happening.

regards

Hugh


> Hi all,
> I've  a big problem, I would like to use Radiator to switch the RAS
> authentication requests to a NT server . Radiator is installed on Linux
> server.
> If in the RADIUS.CFG file I add the "NoCheckPassword" parameter the
>  authentication takes place, otherwise on the Log of the RADIUS I have this
>  error message:
>
> "INFO: Access rejected for domain\user: NT Authentication failed: Server
> Error (1)"
>
> on my Cisco AS5300 i've codified to use chap, pap and ms-chap for PPP
> authentication. I don't know because this happen, on the event view of NT
> there is no errors messages.
> This is my radius.cfg :
>
> <AuthBy NT>
>                 Identifier NT
>                 # You must set the domain name here to suit your site:
>                 Domain administrator
>
>                 # ON NT, optionally specify the name of the
>                 # Primary Domain Controller, including the leading
>                 # \\ slashes, to override the default domain controller
>                 # for the domain you specified above
> #               DomainController \\romeo
>
>                 # On Unix, you MUST specify the Domain Controller
>                 # name as the NT host name of the domain controller:
>                 # its not optional. This needs to be set to the NT
>                 # name of the Primary Domain Controller, and further
>                 # the NT name must be in the Unix hosts or DNS
>                 DomainController server.domain.it
>
>                 # On NT, you can optionally check the
>                 # "Grant dialin permission to user" flag in the
>                 # user manager. Requires the
>                 # Win32-RasAdmin Perl package to be installed first
>                 # HonourDialinPermission
>
>                 # This will set up some standard reply items for
>                 # your NAS, you may need others for your NAS
>                 DefaultReply Service-Type=Framed-User,Framed-Protocol=PPP
> #               NoCheckPassword
> </AuthBy>
>
> <AuthBy DYNADDRESS>
>         Identifier All-NT
>         Allocator SQLAllocator
>         PoolHint pool-NT
> </AuthBy>
>
> <Realm DEFAULT>
>         RejectHasReason
>         AuthByPolicy ContinueWhileAccept
>         AuthBy NT
>         AuthBy All-NT
> </Realm>
>
> Could anyone help me ?
> Please !!!
>
> Gionata Lamia
>
> Networking Services/Systems Integrations
> T-Systems Italia S.p.A.
> Strada 2 Palazzo D
> 20090 - Assago - MI
> Phone: +39 02 89248240
> Fax: +39 02 89248231
> Mobile: +39 348 4521210
> e-mail: Gionata.Lamia at T-Systems.it
> Internet: http://www.T-Systems.it
>
> -------------------------------------------------------

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list