(RADIATOR) AuthBy LSA Config Issues

Tue Mar 18 14:08:55 CST 2008

Mike and Hugh,

 I need help with authenticating to Active Directory. I have tried the default AuthByLSA config and cannot seem to get it to authenticate to the domain. If I add a local user on the machine, it works fine.

Radiator Version:  4.2
OS:  Windows XP SP2 (fully patched)
Perl Version:  Active State 5.8.8 (All necessary Radiator modules installed)
Laptop Client:  Odyssey 4.51
Trying to:  use AuthBy LSA along with PEAP and MSCHAP-V2

Questions:

1.      Does the workstation/server Radiator resides on need to be part of the AD domain?  I don't think it does since Radiator can handle requests to multiple domains (or at least the documentation leads me to believe this).
2.      Assuming we can get this working, does every possible domain user name need to reside in the users file?  If not, is it sufficient to just have 'anonymous Encrypted-Password=nevermatch (assuming we don't do anything too fancy)?
3.      Do the passwords need to be stored using reversible encryption if using MSCHAP-V2?
4.      If a working solution is found can radpwtst be used to test?  I tried testing with it earlier but there does not seem to be a place to put the outer 'anonymous' user name.

Thanks,
Steve
   (Log file and radius.cfg attached)

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.open.com.au/pipermail/radiator/attachments/20080318/b3f8145e/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: logfile
Type: application/octet-stream
Size: 18468 bytes
Desc: logfile
URL: <http://www.open.com.au/pipermail/radiator/attachments/20080318/b3f8145e/attachment.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: radius.cfg
Type: application/octet-stream
Size: 9041 bytes
Desc: radius.cfg
URL: <http://www.open.com.au/pipermail/radiator/attachments/20080318/b3f8145e/attachment-0001.obj>