Re: Voilation of PRIMARY KEY

Dale E. Reed Jr. ( (no email) )
Mon, 04 May 1998 13:55:51 -0700

Tommy Cheng wrote:
>
> Dale,
>
> I think I sort of know what's going on now. Because of "CONSTRAINT
> pk_RadLogs PRIMARY KEY (RadLogMsgID, LogDate, Username)" whenever a user
> is trying to authenticate 1000 times in a session (usually, it takes
> forever for a PM3 to terminate a bad call if you constantly feed it with
> username and password) SQL server would think that it is accepting
> duplicate accounting record and not record it and cause it to error. I
> have to delete the primary keys so that it will work right. Now, I have
> two questions.

The primary key on RadLogs is designed to PREVENT someone from
filling your database in the event RadiusNT receives a ton of
bad authentication attempts. It is not required and can be
changed if you want.

> 1. Is there anyway that Radius NT can terminate a bad call? For
> example, if a user tries to login with bad user name or wrong password
> and entered 20 times in a row. Radius NT should send Nak to NAS and
> terminate the call.

This is NOT a RadiusNT issue, its a configuration issue on your PM.
RadiusNT IS NAKing the request. Typically a terminal server will only
allow three requests before it hangs up.

> 2. If with "CONSTRAINT pk_RadLogs PRIMARY KEY (RadLogMsgID, LogDate,
> Username)" in RadLogs table and it works for you, is it because my SQL
> server is too slow (2 PPro w/256MB RAM w/4GB SCSI) or the radius server
> is too slow (P5-200 w/64MB w/2GB IDE)?

Neither. The constraint is designed to ONLY log on bad attempt per
minute for a specific user and failure.

-- Dale E. Reed Jr.  (daler@iea-software.com)_________________________________________________________________       IEA Software, Inc.      |  RadiusNT, Emerald, and NT FAQs Internet Solutions for Today  |   http://www.iea-software.com