Re: (RADIATOR) Problems using Authby NT

[Michael Audet]

If you are running a Win2k domain then you should use AuthByADSI.  Active Directory Services should provide the same lvl of authentication over native NT authentication mode.   -Michael Audet Network Services Chubb & Son   ----- Original Message ----- From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, April 06, 2001 9:36 AM Subject: (RADIATOR) Problems using Authby NT Hello All,   I'd like to use Authby NT from a standalone W2K server. The problem is, radiator does not authenticate accounts in other domains (either W2K or NT4, and either local or domain accounts). When I make drive mappings to these domains (using account x) it does authenticate account y (both local and domain accounts) in W2K environments. It does authenticate a local account y on a standalone NT4 server, but still no authenctication to NT4 domains.   The following errors are shown in trace 4: When trying to authenticate to NT4 domain (without drive mappings) Fri Apr  6 12:55:29 2001: INFO: Access rejected for velden01: NT GetAttributes failed: 1726: The remote procedure call failed.   When trying to authenticate to W2K standalone server or domain (without drivemappings): Thu Apr  5 11:10:09 2001: INFO: Access rejected for test_radius: NT GetAttributes failed: 1326: Logon failure: unknown user name or bad password. When looking at network traces, I can see Authby NT tries to authenticate (if no drive mapping exists) by connecting to the IPC$ share with the account the Radiator process is running. This is never going to work with radiator running a certain account and authenticating accounts in domains it has no trusts to.   When the drive mapping is available, the connection to this share (IPC$) is done first with an empty username and secondly with the username given to radiator and authentication goes correct.   My radius server has W2K + SP1, Perl 5.6.0 build 623, Radiator 2.18 including the latest Authby NT patch (april 2).   According to me it should be possible to authenticate using Authby NT with the radius server not being part of any particular domain.   Does anybody have a clue?   Regards,     Karel van der Velden   ----------------------------------------------------------------------------- Karel van der Velden           |   telnr: +31 50 5881003 Peizerweg 156                  |   faxnr: +31 50 5883216 9727 AR Groningen              |   e-mail: [EMAIL PROTECTED] The Netherlands DISCLAIMER: This Statement is not an official statement from, nor does it represent an official postion of KPN Telecom -----------------------------------------------------------------------------