Re: [RadiusNT] SNMP Concurrency question

Dale E. Reed Jr. ( (no email) )
Fri, 22 Sep 2000 09:47:25 -0700

Dirk wrote:
> Hello RadiusNT people...
> We are running RadiusNT ver 2.5.214 against an SQL database. I have read
> through the docs (numerous times) and even corresponded with some of the IEA
> techs regarding this issue - but it still remains:
> Very seldom, we have to take the SQL Database offline (upgrades/backup/etc.)
> and I want to have RadiusNT automatically validate our users from the UNIX
> passwd file that gets FTP'd from our Unix system every 5 mins. I know the
> file is working because two of us are hard-coded into the 'users' file and it
> authenticates us using the password="UNIX" setting. However, if I 'pull the
> plug' on the SQL server, according to documentation and such, if it times out
> doing an SQL lookup, it should revert to using the TEXT files. I have tried
> everything and it just WILL NOT validate our users from the DEFAULT profile
> setup in the users file and I don't know why.
> Can someone please lend a hand? We MUST get this feature to work - it is why
> we purchased RadiusNT in the beginning (two years ago) and it's still not
> functioning.

To get this to work, you need to do a couple of things:

1) In the RadiusNT admin, for mode, select ODBC with text backup.
However, RadiusNT will ONLY read the users file on startup. If
you change the users file, use the *RELOAD* user request with
radlog to tell RadiusNT to reload the users file. If you are
using just DEFAULT Password = "UNIX", then you don't have to
worry about this.

2) The SQL timesouts have to be set DOWN, so that RadiusNT will
give up on the SQL request and failover to the users file.
There are two registry settings that affect this:

ODBCTimeout Set to a value that will tell RadiusNT to
Give up on the ODBC and go to the users file. This
setting is GLOBAL, so be careful setting it to low,
or RadiusNT might not connect to your DB. Something
around 5 is usually fine.

ODBCRetry This setting tells RadiusNT how often to re-try the
down ODBC connection. Remember, if your timeout is
5 seconds and you set this to 3, that means every
third authentication request will have a 5 second
delay if your ODBC source is still down. A good
setting is probably around 10.

Another thing you can do is use radusers to create your users file from
ODBC DSN. This might work a little better than trying to use the unix
passwd file:


Dale E. Reed Jr. Emerald and RadiusNT/X__________________________________________IEA Software, Inc.

For more information about this list (including removal) go to: