Re: [RadiusNT] Not Found in ODBC, Checking users file...

Dale E. Reed Jr. ( (no email) )
Thu, 13 May 1999 17:00:32 -0700

RadAdmin wrote:
>
> Below is an example of the problem I am having. A user logs in, gets a
> rejected in ODBC mode, then TEXT mode authenticates him. Notice, below in
> AUTH.LOG, the username being passed to WINNT, FramedProtocol. Sometimes
> it's characters like this, 0]z. Then user is then auth. "Sending Ack of id
> 10 to d1d264bd (PM2E)"
>
> The next entry in the log file is "radrecv: Request from host d1d264bd
> code=1, id=10, length=78". Well, since the user just auth and is online
> they fails for a concurrent violation. They remain online but everyday I
> get a ton of these entries in the RADLOG table.

The problem is the speed of the authentication. The WINNT sam isn't
a fast authentication, and there is nothing RadiusNT can do about it.

> Sending Ack of id 10 to d1d264bd (PM2E)
> User-Service = Framed-User
> Framed-Protocol = PPP
> Framed-Compression = Van-Jacobsen-TCP-IP
> Framed-MTU = 1500
>
> Resp Time: 3855 Auth: 4/0 -> 3 Acct: 4/0/0 -> 4

The first request comes in an is responded to in almost four seconds.
Typicall a PM will re-send the auth requests in three seconds.
Therefore, it sends the second request, gets the response back from
the first request and uses that response. RadiusNT then NAKs the
second response, but the PM has long completed that request and just
ignores the second response.

Is RadiusNT running on a BDC, PDC, or stand alone server?

-- 

Dale E. Reed Jr.      Emerald and RadiusNT__________________________________________IEA Software, Inc.    www.iea-software.com