Ack! Should have looked up a message or two. Well, I'm out of suggestions. But, I still know you don't need RADIUS or IAS for what you're doing. You'd know if you needed it - because your entire authentication strategy would be built around it. IOW - it would be dictated and your user's ISP's would be using it and proxying for you. Which, considering you've mentioned nothing about it, I surmise that they aren't.
Rick Kingslan - Microsoft MVP [Windows NT/2000] Microsoft Certified Trainer MCSA, MCSE+I - Windows NT / 2000 "Any sufficiently advanced technology is indistinguishable from magic." --- Arthur C. Clarke > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:ActiveDir-owner@;mail.activedir.org] On Behalf Of > Salandra, Justin > Sent: Wednesday, October 30, 2002 8:53 PM > To: [EMAIL PROTECTED] > Subject: Re: [ActiveDir] RAS > > > Also look at this Q Article, I did this and it did not help > > http://support.microsoft.com/default.aspx?scid=KB;EN-US;Q227747&; > > ----- Original Message ----- > From: "Salandra, Justin A." <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Wednesday, October 30, 2002 9:28 PM > Subject: RE: [ActiveDir] RAS > > > > Here look at these > > > > Event Type: Warning > > Event Source: RemoteAccess > > Event Category: None > > Event ID: 20187 > > Date: 10/30/2002 > > Time: 4:24:51 PM > > User: N/A > > Computer: CHCS56KRAS > > Description: > > The user jlevine failed an authentication attempt due to > the following > > reason: There was an authentication failure because of an > unknown user > name > > or a bad password. > > > > Event Type: Error > > Event Source: RemoteAccess > > Event Category: None > > Event ID: 20073 > > Date: 10/30/2002 > > Time: 4:25:06 PM > > User: N/A > > Computer: CHCS56KRAS > > Description: > > The following error occurred in the Point to Point Protocol > module on > port: > > COM4, UserName: CRNH\jlevine. The authentication server did not > > respond to authentication requests in a timely fashion. > > Data: > > 0000: a2 03 00 00 c... > > > > Event Type: Warning > > Event Source: RemoteAccess > > Event Category: None > > Event ID: 20014 > > Date: 10/30/2002 > > Time: 4:23:52 PM > > User: N/A > > Computer: CHCS56KRAS > > Description: > > The user JCostello has connected and failed to authenticate on port > > COM4. The line has been disconnected. > > > > I have verified that all these users have the dial in > property set and > that > > their passwords are correct. > > > > Justin > > > > > > -----Original Message----- > > From: Rick Kingslan [mailto:rkingsla@;cox.net] > > Sent: Wednesday, October 30, 2002 6:45 PM > > To: [EMAIL PROTECTED] > > Subject: RE: [ActiveDir] RAS > > > > > > Justin, > > > > Please re-read the Q article that you cited. This makes > the distinct > > statement that you are already using IAS (Microsoft Internet > > Authentication Service), so this has nothing to do with the problem > > that you're experiencing. > > > > Unless, however, you are using IAS on your RAS server to set up > > authentication / auditing. > > > > And, you should NOT have to set up RADIUS, IAS or any other complex > > mechanisms to allow users to access the child domain if they are > > authenticating to the parent, WAN or not. Linton is absolutely > > correct in his statements. > > > > Clearly there is another problem here, and it has nothing > to do with > > RADIUS or IAS. What else do you have in the event logs of the RAS > > server that might help? > > > > Rick Kingslan - Microsoft MVP [Windows NT/2000] > > Microsoft Certified Trainer > > MCSA, MCSE+I - Windows NT / 2000 > > > > "Any sufficiently advanced technology > > is indistinguishable from magic." > > --- Arthur C. Clarke > > > > > > > > > > > > > -----Original Message----- > > > From: [EMAIL PROTECTED] > > > [mailto:ActiveDir-owner@;mail.activedir.org] On Behalf Of > Salandra, > > > Justin A. > > > Sent: Wednesday, October 30, 2002 5:09 PM > > > To: '[EMAIL PROTECTED]' > > > Subject: RE: [ActiveDir] RAS > > > > > > > > > I am getting a error message that says Error 930; The > Authentication > > > Server Did Not Respond to Authentication Requests in a Timely > > > Fashion > > > > > > According to this error message on this Q article Q299684 - Error > > > Message: Error 930; The Authentication Server Did Not Respond to > > > Authentication Requests in a Timely Fashion they say to setup > > > RADIUS, do I need to do that? Does anyone know how to configure a > > > RADIUS Server so that it will authenticate users in a > child domain > > > in the child domain and the rest of the users against the parent > > > domain? -----Original Message----- > > > From: Linton Smith (WBTQ) [mailto:GWLLES@;Weston.ca] > > > Sent: Wednesday, October 30, 2002 6:00 PM > > > To: '[EMAIL PROTECTED]' > > > Subject: RE: [ActiveDir] RAS > > > > > > That's why I'm suggesting you put a DC for the child > domain in the > > > site with the RAS server in it. Otherwise, the authentication > > > traffic will have to go over the WAN. For a RAS user, the > > > performance hit may be negligible given that his > connection speed is > > > probably less than available on the WAN link, but there are other > > > considerations as well - i.e. what resources will the > dialed-in user > > > be accessing, and where will they be located? How many > concurrent > > > RAS users do you wish to support? > > > > > > All of this will work (assuming DNS is working properly) > over a WAN > > > without a DC or the accessed resources being in the same > site as the > > > RAS server, but performance may be constrained by available > > > bandwidth on the WAN link. You can eliminate the authentication > > > traffic from the WAN if there is a local DC for the child > domain in > > > the site with the RAS server. > > > > > > HTH, > > > > > > Linton > > > > > > -----Original Message----- > > > From: Salandra, Justin A. [mailto:jasalandra@;chcsnet.org] > > > Sent: Wednesday, October 30, 2002 5:35 PM > > > To: '[EMAIL PROTECTED]' > > > Subject: RE: [ActiveDir] RAS > > > > > > > > > But the RAS server and the Child Domain are separated by > a WAN Link > > > > > > -----Original Message----- > > > From: Linton Smith (WBTQ) [mailto:GWLLES@;Weston.ca] > > > Sent: Wednesday, October 30, 2002 5:28 PM > > > To: '[EMAIL PROTECTED]' > > > Subject: RE: [ActiveDir] RAS > > > > > > Yes, but you will want to have a DC for the child domain > in the same > > > site as the RAS server to ensure rapid authentication. > > > > > > Linton > > > > > > -----Original Message----- > > > From: Salandra, Justin A. [mailto:jasalandra@;chcsnet.org] > > > Sent: Wednesday, October 30, 2002 5:09 PM > > > To: ActiveDir (E-mail) > > > Subject: [ActiveDir] RAS > > > > > > > > > If I have a domain tree with a RAS Server in the Parent, > can a user > > > dial in to that RAS server and login as a user in the > child domain? > > > > > > Justin A. Salandra, MCSE > > > Senior Network Engineer > > > Catholic Healthcare System > > > 914.681.8117 office > > > 646.483.3325 cell > > > [EMAIL PROTECTED] <mailto:jasalandra@;chcsnet.org> > > > > > > List info : http://www.activedir.org/mail_list.htm > > > List FAQ : http://www.activedir.org/list_faq.htm > > > List archive: > > > http://www.mail-archive.com/activedir%> 40mail.activedir.org/ > > > > > > List info : > > > http://www.activedir.org/mail_list.htm > > > List FAQ : http://www.activedir.org/list_faq.htm > > > List archive: > > > http://www.mail-archive.com/activedir%> 40mail.activedir.org/ > > > > > > List info : > > > http://www.activedir.org/mail_list.htm > > > List FAQ : http://www.activedir.org/list_faq.htm > > > List archive: > > > http://www.mail-archive.com/activedir%> 40mail.activedir.org/ > > > > > > List info : > > > http://www.activedir.org/mail_list.htm > > > List FAQ : http://www.activedir.org/list_faq.htm > > > List archive: > > > http://www.mail-archive.com/activedir%> 40mail.activedir.org/ > > > > > > List info : > > > http://www.activedir.org/mail_list.htm > > > List FAQ : http://www.activedir.org/list_faq.htm > > > List archive: > > > http://www.mail-archive.com/activedir%> 40mail.activedir.org/ > > > > > > > > > List info : http://www.activedir.org/mail_list.htm > > List FAQ : http://www.activedir.org/list_faq.htm > > List archive: > http://www.mail-archive.com/activedir%> 40mail.activedir.org/ > > > List info : > http://www.activedir.org/mail_list.htm > > List FAQ : http://www.activedir.org/list_faq.htm > > List archive: > > http://www.mail-archive.com/activedir%40mail.activedir.org/ > > > > List info : http://www.activedir.org/mail_list.htm > List FAQ : http://www.activedir.org/list_faq.htm > List archive: > http://www.mail-archive.com/activedir%> 40mail.activedir.org/ > List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
