Re: Roaming

Dale E. Reed Jr. ( (no email) )
Tue, 11 Aug 1998 20:34:52 -0700

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Previous message: Dale E. Reed Jr.: "Re: Authentication Problem | PLEASE REPLY ASAP!"
Next message: Mark Colasante: "MaxSessionLength in ServerAccess table"
Maybe in reply to: David Moore: "Roaming"

David Moore wrote:
>
> I need to accept pass-through authentication from a merit system for final
> authentication against the users in RadiusNT. I want to do this in ODBC
> mode. the merit system passes me the user name with the realm as a suffix
> (i.e. username@mydomain.net). The trick I need to accomplish is to strip
> the realm (suffix/domain) prior to authentication and returning the proper
> attributes. I can make everything work without using the proxying
> capabilities if I go into the subaccounts table and add the domain to the
> User field, but I don't want to do it that way. I need to know how to set
> up the RadRoamDomains and RadRoamServers (and Servers) tables to accomplish
> this. I have the Enterprise version. I have tried every combination of
> data in the RadRoamDomain and RadRoamServers tables and checked and
> unchecked everything I can find in the administrator with no luck. (Yes, I
> have TreatAsLocal and StripDomain marked as yes, but I don't think the
> request is getting that far.)

One way to do this is use the Login and Email fields with their
respective
entries (user and user@my.com).

If you want to use the roaming features, then you need to enable the
user proxy option in the RadiusNT admin. You need to add a
RadRoamServers
entry and only the Name is relevent. Make Sure you set both
TreatAsLocal
and StripDomain to 1. Then add a RadRoamDomains entry that points to
the
RadRoamServerID and has the domain you want to strip.

Also, make sure your RadCheckDomain stored procedure is correct,
has permissions and is returning results.

> There is a service listed under NT called "Radius Server / Proxy", but it
> will not run. I get an error "ERROR 0002: The system cannot find the file
> specified" when I try to start it. Is this Part of RadiusNT and should it
> be running?

No. RadiusNT is the only relevant service for it.

-- Dale E. Reed Jr.  (daler@iea-software.com)_________________________________________________________________       IEA Software, Inc.      |  RadiusNT, Emerald, and NT FAQs Internet Solutions for Today  |   http://www.iea-software.com

Previous message: Dale E. Reed Jr.: "Re: Authentication Problem | PLEASE REPLY ASAP!"
Next message: Mark Colasante: "MaxSessionLength in ServerAccess table"
Maybe in reply to: David Moore: "Roaming"