RE: [Emerald] Radius Authentication Problems

David W. Kornitz ( (no email) )
Wed, 24 Mar 1999 11:33:49 -0600

The password is correct. When it goes against NT's SAM, it uses the
incorrect username and the correct password and therefore fails.

-----Original Message-----
From: Geoffrey L. Scully [mailto:info@olynet.com]
Sent: Wednesday, March 24, 1999 11:08 AM
To: emerald@iea-software.com
Subject: Re: [Emerald] Radius Authentication Problems

we noticed quite a few of our customers having the same thing happen. =
Their
passwords were all of a sudden changed after an upgrade.

"David W. Kornitz" wrote:

> We have recently upgraded to Emerald 2.5. Since doing so, we started
> noticing users having more problems getting authenticated. Running =
Radius
> in debug mode, the following occurs: (Username and Password have =
been
> change.)
>
>
------------------------------------------------------------------------=
----
> -----------------------
>
> radrecv: Request from host cc5fc483 code=3D1, id=3D165, length=3D60
> NAS-Identifier =3D 127.0.0.1
> NAS-Port =3D 0
> User-Name =3D "USERX"
> Password =3D "[\300Rmz\373\320\264\236\305o3\337\336\376["
> rad_authenticate_ODBC() Password =3D
> "[\300Rmz\373\320\264\236\305o3\337\336\376["
>
> SQL Statement: Select DateDiff(Minute, GetDate(), DateAdd(Day,
> (ma.Extension+ma.OverDue+1), maExpireDate)), DateDiff(Minute, =
GetDate(),
> DateAdd(Day, sa.Extension+1, saExpireDate)), sa.AccountID, =
sa.AccountType,
> sa.Password, sa.Login, sa.Shell, ma.Balance, ma.OverLimit From
> MasterAccounts ma, SubAccounts sa Where (sa.Login=3D'USERX' or
> sa.Shell=3D'USERX' or sa.Email=3D'USERX') AND =
ma.CustomerID=3Dsa.CustomerID and
> sa.Active<>0 and ma.Active<>0
>
> Decrypted Password: PASSWORDX
> Database Password: WINNT\
> =
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
> (WINNT) User:=B2=C4_=CC=04 Domain: Password:PASSWORDX
> =
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
> Sending Reject of id 165 to cc5fc483 (lasagna.compufort.com)
> SQL Statement: INSERT INTO RadLogs(RadLogMsgID, LogDate, Username, =
Data,
> CallerID) VALUES (11, GetDate(), 'USERX', 'PASSWORDX', NULL)
>
> User: USERX Bad Password
>
>
------------------------------------------------------------------------=
----
> -----------------------
>
> Each time the attempt fails (provided the password is correctly =
entered)
on
> the line:
>
> =
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
> (WINNT) User:=B2=C4_=CC=04 Domain: Password:PASSWORDX
> =
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
>
> the username is not correct. In this particular example, it is not
> intelligible and in other cases you'll see "NAS-PORT", "User-Name" or
> something similar. The problem occurs on both from "RADLOGIN", as =
well
as,
> the two TOTAL CONTROL racks.
>
> Two eliminate the server as the source of the problem, we installed
EMERALD
> 2.5 with RADIUS on a new machine (fresh install) and the same problem
> reoccurred.
>
> The problem is not constant, after three or four failed attempts it =
just
> starts working again and then stops again.
>
> Any suggestions would be greatly appreciated.
>
> David Kornitz
> Compufort
>
> For more information about this list, including removal,
> please see http://www.iea-software.com/maillist.html

For more information about this list, including removal,
please see http://www.iea-software.com/maillist.html

For more information about this list, including removal,
please see http://www.iea-software.com/maillist.html