Re: [Emerald] Authentication problem

Josh Hillman ( (no email) )
Thu, 23 Mar 2000 15:37:05 -0500

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Previous message: Gulam Chagani: "Re: [Emerald] Authentication problem"
Next message: Burl Smith: "[Emerald] Past Due Invoices"
Maybe in reply to: gulam@catsgroup.com: "[Emerald] Authentication problem"
Next in thread: gulam@catsgroup.com: "Re: Re: [Emerald] Authentication problem"
Maybe reply: gulam@catsgroup.com: "Re: Re: [Emerald] Authentication problem"

From: Gulam Chagani <gulam@catsgroup.com>
> Thanks for your help. All my windows users do NOT have "require encrypted
> password" selected, but they still authenticate using CHAP. I suppose
> deleting CHAP and SPAP keys from the registry on the RRAS server is the
only
> option that will force ALL users to come in with PAP.

I know that if we have CHAP enabled in our Ascend Maxes, Windows 95/98/NT
(and 2000, I'd imagine) users will automatically authenticate using CHAP,
even if it's not set to "require...". If the dial-up client software
doesn't support CHAP (few don't support it), it'll drop back to PAP
authentication on its own.
I have no idea how this stuff works with RRAS though.

Josh

> ----- Original Message -----
> From: Josh Hillman <admin-maillist@talstar.com>
> To: <emerald@iea-software.com>
> Sent: Thursday, March 23, 2000 5:33 PM
> Subject: Re: [Emerald] Authentication problem
>
>
> > > From: <gulam@catsgroup.com>
> > > > I have found a registry key to force all users to use PAP, however I
> > > > have the following concerns:
> > > >
> > > > 1. Do all clients support PAP, if CHAP and MS-CHAP are not available
> > > > ? In a windows client, where exactly in DUN is the setting to use
PAP
> >
> > Windows 95/98/NT4/2000 all support PAP and CHAP. If CHAP is not
enabled,
> it
> > uses PAP (unless for some reason the user has a post-dial-up terminal
> window
> > pop up). In Win95/98 from within Dial-Up Networking, right-click on the
> > connection profile, then click on "Server Types". CHAP corresponds to
> > "Require encrypted password"--when that's not set, PAP is automatically
> > used.
> > In Windows NT 4, from within Dial-Up Networking, go into the connection
> > properties and under the Security tab, the first entry ("accept any
> > authentication including clear text") refers to PAP. The second option,
> > "accept only encrypted authentication" refers to CHAP.
> > I don't remember off-hand how Windows 2000 handles this, but I think
it's
> > almost the same as Windows 98.
> >
> > > > 2. What about non windows clients ? e.g mac or unix.
> >
> > These vary depending on the operating system. Even in cases where PAP
may
> > not be available, there's usually some old scripting method that will
get
> > the user logged on.
> >
> > Josh
> >
> >
> > For more information about this list (including removal) go to:
> > http://www.iea-software.com/support/maillists/liststart
> >
>
>
> For more information about this list (including removal) go to:
> http://www.iea-software.com/support/maillists/liststart
>

For more information about this list (including removal) go to:
http://www.iea-software.com/support/maillists/liststart

Previous message: Gulam Chagani: "Re: [Emerald] Authentication problem"
Next message: Burl Smith: "[Emerald] Past Due Invoices"
Maybe in reply to: gulam@catsgroup.com: "[Emerald] Authentication problem"
Next in thread: gulam@catsgroup.com: "Re: Re: [Emerald] Authentication problem"