Re: Authentication ?

Alan Cragg ( )
Thu, 24 Apr 1997 14:11:11 -0700

On the point of authentication,

What is the best way to secure the user list if it is in a MS Access
Database. It is a system DSN if radius is installed as a service, correct?.
How accessible is this database to external users, by external I mean
anyone connected to the machine through the network by any protocol.

Also, if putting Winnt in as the password causes radius to lookup the
password in the NT database and then write an unencrypted copy into the
Radius database isn't this defeating the NT security somewhat. If the
person later changes his winnt password then this change won't reflect in
the Radius database, and vice-versa, which kind of makes the feature not so

Sorry if I'm babbling, but most authentication schemes use some kind of
encryption of the user list, but Radius seems to just leave everthing open
as clear text. Has this caused anybody concern or is there someother
safeguard that makes the Radius userlist safe.

Thanks to anyone who can clear this up for me.


At 06:39 PM 4/23/97 -0700, you wrote:
>Greg Lowthian wrote:
>> I have two PM-3's remote from my Radius servers. Is it possible
to have a
>> secondary authentication server that will ignore username and password and
>> let anyone on if the link to the primary goes down for a short time. I
>> don't want to maintain two user databases.
>No. RadiusNT 2.2 will have failover upon ODBC failover in case of ODBC
>failure, though. This typically will be either an MS Access database,
>users file.
>> On a second note has anyone figured out how to use the NT/SAM
bug to pull
>> username and passwords from an NT server.
>RadiusNT 1.19.00 has the ability to reverse them out on the fly. You
>add the
>users to ODBC and put "WINNT" as their password and enable the option.
>RadiusNT authenticates a user successfully (with PAP) it will then save
>unencrypted password into the database, replacing the "WINNT".
>Dale E. Reed Jr. (
> IEA Software, Inc. | RadiusNT, Emerald, and NT FAQs
> Internet Solutions for Today |
> ----------------------------------------------------------
> RadiusNT Mailing List
R. Alan Cragg, B.Sc.
CTF Systems Inc. Ph: (604) 941-8561
15-1750 McLean Ave. Fax: (604) 941-8565
Port Coquitlam, B.C. email:
Canada V3C 1M9 Web Page: