Hi Kent?
Is it possible that this could be caused by a WINS problem making it unable to
resolve your domain controller name, compounded by WINS caching?
Cheers.
On Mar 5, 3:43pm, Hugh Irvine wrote:
> Subject: Fwd: (RADIATOR) Radiator on NT using AuthBy NT problem
>
>
> ---------- Forwarded Message ----------
> Subject: (RADIATOR) Radiator on NT using AuthBy NT problem
> Date: Mon, 5 Mar 2001 14:41:25 +1100
> From: "Kent, Ashley" <[EMAIL PROTECTED]>
> To: "'[EMAIL PROTECTED]'" <[EMAIL PROTECTED]>
>
>
> We are experiencing intermittent problems with Radiator using AuthBY NT.
> Maybe this is something that one of you has seen before.
>
> Basically we have requests coming from a pix firewall to an NT box (a very
> lightly loaded BDC) running radiator. The users type in their NT usernames
> and passwords, which are then checked against the BDC. If the credentials
> are ok and they are a member of a particular NT usergroup then the request
> is accepted. This works great much of the time.
>
> At least once a week authentication stop working. When I look in the
> radiator log I see "NT CheckPassword failed: 53: The network path was not
> found.". This seems to be saying that radiator cannot talk to the BDC. This
> seems a bit weird to me since radiator is running on the BDC! There is
> almost no load on the server so I can't see it not being able to respond to
> the requests. Has anybody else seen this behaviour?
>
> I have included below the relevant parts of my config file and a trace 4 log
> of a user experiencing the problem.
>
>
>
> Thanks very much,
>
>
>
> Ash.
>
>
>
>
>
> --------------------Config files:-----------------------------------------
> Main file:
> <AuthBy NT>
> Identifier CheckInfprd05NT
> Domain UNITED
> DomainController \\infprd05
> </AuthBy>
> <Handler Client-Identifier = PIX>
> AuthBy CheckOutPIX-United-Infprd05
> AuthLog UnitedInternetAccess
> </Handler>
>
>
> Sub file used by handler:
> DEFAULT Auth-Type=CheckInfprd05NT, Group = Rad-Int
>
>
>
> --------------------Trace 4 Log:-----------------------------------------
>
> Mon Mar 5 12:24:52 2001: DEBUG: Packet dump:
> *** Received from 146.178.74.18 port 1645 ....
> Code: Access-Request
> Identifier: 249
> Authentic: <234><219>xQ<182><183>$<141>BS<144><137><142><175><188>E
> Attributes:
> User-Name = "jbaker"
> NAS-IP-Address = 146.178.74.18
> User-Password = "PW<157><195><14>y<25>;Jh<148><179>(<140>Kc"
> NAS-Port = 5
>
> Mon Mar 5 12:24:52 2001: DEBUG: Check if Handler Client-Identifier = PIX,
> Realm = ue.com.au should be used to handle this request
> Mon Mar 5 12:24:52 2001: DEBUG: Check if Handler Client-Identifier = PIX,
> Realm = uecomm.com.au should be used to handle this request
> Mon Mar 5 12:24:52 2001: DEBUG: Check if Handler Client-Identifier = PIX,
> Realm = ikon should be used to handle this request
> Mon Mar 5 12:24:52 2001: DEBUG: Check if Handler Client-Identifier = PIX
> should be used to handle this request
> Mon Mar 5 12:24:52 2001: DEBUG: Handling request with Handler
> 'Client-Identifier = PIX'
> Mon Mar 5 12:24:52 2001: DEBUG: Deleting session for jbaker,
> 146.178.74.18, 5
> Mon Mar 5 12:24:52 2001: DEBUG: Handling with Radius::AuthFILE
> Mon Mar 5 12:24:52 2001: DEBUG: Radius::AuthFILE looks for match with
> jbaker
> Mon Mar 5 12:24:52 2001: DEBUG: Radius::AuthFILE looks for match with
> DEFAULT
> Mon Mar 5 12:24:52 2001: DEBUG: Handling with NT
> Mon Mar 5 12:25:10 2001: DEBUG: Radius::AuthFILE REJECT: NT CheckPassword
> failed: 53: The network path was not found.
>
>
> Mon Mar 5 12:25:10 2001: INFO: Access rejected for jbaker: NT CheckPassword
> failed: 53: The network path was not found.
>
>
> Mon Mar 5 12:25:10 2001: DEBUG: Packet dump:
> *** Sending to 146.178.74.18 port 1645 ....
> Code: Access-Reject
> Identifier: 249
> Authentic: <234><219>xQ<182><183>$<141>BS<144><137><142><175><188>E
> Attributes:
> Reply-Message = "Request Denied"
>
> ===
> Archive at http://www.starport.net/~radiator/
> Announcements on [EMAIL PROTECTED]
> To unsubscribe, email '[EMAIL PROTECTED]' with
> 'unsubscribe radiator' in the body of the message.
>
> -------------------------------------------------------
>
> --
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
> -
> Nets: internetwork inventory and management - graphical, extensible,
> flexible with hardware, software, platform and database independence.
>
>-- End of excerpt from Hugh Irvine
--
Mike McCauley [EMAIL PROTECTED]
Open System Consultants Pty. Ltd Unix, Perl, Motif, C++, WWW
24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au
Phone +61 3 9598-0985 Fax +61 3 9598-0955
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory etc etc
on Unix, Win95/8, 2000, NT, MacOS 9, MacOS X
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
