[RADIATOR] Radiator 3.16 / AuthBy LSA / AD2008
Stuart Kendrick
skendric at fhcrc.org
Wed Nov 9 11:08:25 CST 2011
Yup, we're seriously dragging, in terms of versions ....
I twinked with the Handler; turns out the version below works fine with
this new AD2008 domain:
<Handler Client-Identifier=vdops-mgmt>
<AuthBy GROUP>
AuthByPolicy ContinueUntilAccept
<AuthBy LSA>
Group CiscoEnable
AddToReply Service-Type = "Administrative-User"
</AuthBy>
<AuthBy LSA>
Group CiscoReadOnly
AddToReply Service-Type = "NAS-Prompt-User"
</AuthBy>
</AuthBy>
</Handler>
--sk
On 11/9/2011 5:27 AM, Alan Buxey wrote:
> Hi,
>
>> Is this is a known issue with Radiator 3.16? Does anyone have Radiator
>> 3.16 successfully authenticating against an AD2008 domain? [I realize
>> that 3.16 is a little dated ... ]
> 3.16 is hideously outdated....and came out years before AD2008 was even a twinkle
> int he eye of MS - I wouldnt be suprised if software that came out later had issues
> with earlier releases.... i'd strongly advise using latest release + patchset
> (thats 4.9. 4.8 came out earlier this year, 4.6 and 4.7 last year)...
>
>> Wed Nov 9 04:16:00 2011: DEBUG: Radius::AuthFILE REJECT: NT GetAttributes failed: 5: Access is denied.: DEFAULT [skendric]
> that line suggests something not right/happy with the linkage - are you sure you
> went through the same process for connecting to 2008 as you did with your earlier
> MS product - 2003? 2000?
>
> alan
More information about the radiator
mailing list