(RADIATOR) Radiator NT domain users authentication

Yehudi Binder yehudi.binder at etsl.co.nz
Tue Sep 21 21:07:23 CDT 2004 

Guys,

	Do you know how do I setup Radiator to authenticate users against a Windows domain from a server (windows 2003) which is not part of the domain? I'm currently using this configuration below:


=======================
# Authenticate with NT
	<AuthBy NT>
		Domain mydomain
		DomainController \\mydomaincontroller
========================

	This is the reply my users are getting:

========================
	Authorization Required
This server could not verify that you are authorized to access the document requested. Either you supplied the wrong credentials (e.g., bad password), or your browser doesn't understand how to supply the credentials required.
=========================

	And this is my Radiator log:

=========================
*** Received from 192.168.0.1 port 1026 ....
Code:       Access-Request
Identifier: 141
Authentic:  <141><3><139>2<161><164>'<130><204><225><143><185>*.<165><213>
Attributes:
	User-Name = "myuser"
	User-Password = "password"
	Service-Type = Authenticate-Only
	NAS-Identifier = "server"
	NAS-IP-Address = 192.168.0.2

Wed Sep 22 13:58:38 2004: DEBUG: Handling request with Handler 'Realm=DEFAULT'
Wed Sep 22 13:58:38 2004: DEBUG:  Deleting session for myuser, 192.168.0.2, 
Wed Sep 22 13:58:38 2004: DEBUG: do query is: 'delete from RADONLINE where NASIDENTIFIER='192.168.0.2' and NASPORT=0': 

Wed Sep 22 13:58:38 2004: DEBUG: Handling with NT
Wed Sep 22 13:58:38 2004: INFO: Access rejected for myuser: NT AuthenticateUser failed: Logon failure: unknown user name or bad password. 
Wed Sep 22 13:58:38 2004: DEBUG: do query is: 'insert into RADAUTHLOG (TIME_STAMP, USERNAME, TYPE, REASON) values (1095818318, 'myuser', 0, 'NT AuthenticateUser failed: Logon failure: unknown user name or bad password. ')': 

Wed Sep 22 13:58:38 2004: DEBUG: Packet dump:
*** Sending to 192.168.0.1 port 1026 ....
Code:       Access-Reject
Identifier: 141
Authentic:  <141><3><139>2<161><164>'<130><204><225><143><185>*.<165><213>
Attributes:
	Reply-Message = "Request Denied"
==========================



	Please, I would appreciate any suggestions.

Thanks in advance.


Regards,
 
Yehudi H. Binder
IT Security Analyst
Electronic Transaction Services Ltd



This electronic message together with any attachments is confidential, 
and may be privileged. It is intended solely for the addressee. If you are
 not the intended recipient do not copy, disclose, or use the contents in 
any way and please notify us by return e-mail immediately, then 
destroy the message. ETSL is not responsible for any changes made to 
this message and/or any attachments after sending by ETSL.


--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list