This is what my RadLogMsgs table looks like:
RadLogMsgID Description Severity
---------------------------------------------
0 Generic Message 0
1 Generic Error 5
10 User Not Found 3
11 Bad Password 3
12 User Expired 2
13 User OverDue 2
14 Over Login Limit 1
15 No Time Left 1
16 Port Not Allowed 2
17 Reject Attribute 2
18 Check Attribute 2
19 No Attributes 3
40 SNMP Check Failed 1
50 Bad Request 4
51 No Username 4
52 No Password 4
53 Bad Digest 6
54 Bad username 3
60 Parse Error 5
100 Chap Not Allowed 5
I haven't seen a bad password entry in several days, even though I have
logged in with bad passwords just to make sure they would be logged.
At this juncture, we're still not as confident as we'd like to be about the
SQL version of our user database, so we're running in "both mode" while we
correct errors and such. Could this have anything to do with it?
___________________________________
David V. Brenner - dvb@cport.com
International Services Network Corporation
http://www.cport.com
> -----Original Message-----
> From: emerald-request@iea-software.com
> [mailto:emerald-request@iea-software.com]On Behalf Of Dale E. Reed Jr.
> Sent: Tuesday, May 11, 1999 3:02 PM
> To: emerald@iea-software.com
> Subject: Re: [Emerald] RadLogs not showing bad passwords
>
>
> "David V. Brenner" wrote:
> >
> > For the first couple of days that we ran Emerald, bad passwords
> would show
> > in RadLogs. This is no longer the case. Only "Over Login
> Limit" instances
> > are recorded. No records are created for logins where the user
> entered an
> > incorrect password.
> >
> > What could be the problem?
>
> Check your RadLogMsgs table. If that table doesn't have a definition
> for the RadLogMsgID, then RadiusNT can't put an entry in the
> RadLogs table.
>
>
> --
>
> Dale E. Reed Jr. Emerald and RadiusNT
> __________________________________________
> IEA Software, Inc. www.iea-software.com
>