[RadiusNT] Strange behaviour

Herman verschooten ( H.verschooten@WebVisie.net )
Mon, 22 Mar 1999 11:27:49 +0100

I've noticed some strange behaviour with running RadiusNT, when both
ODBC and TEXT are activitated.

We have a customer who logs in, with the correct username but with a
wrong password. RadiusNT checks the
SQL-database and doesn't find the correct combination User/PW, so it
goes to the Text-file (?), which is setup
to go to the NT-database where it finds the user, but ofcourse here the
password is wrong too, and the user is
denied access. After 3 attempts the NT-database locks out the user, but
for RadiusNT nothing serious has happened,
so when the user enters his correct password, he gets access to the
system... he then goes to check his mail, which
failes because we use NTMail with the NT-database where the user is
locked out... you see the problem... we are an ISP
and I have a number of customers who are getting angry. I know it is
basically their own fault, they should enter their passwords
correctly, but I don't understand the RadiusNT-behaviour. I mean, is
there a way to lock-out users, or can a malicous caller keep on

Can somebody give me a clue. How can I restrict RadiusNT from going to
the TEXT-file when the user exists, but has specified a wrong password.



For more information about this list, including removal, please
see this URL: http://www.iea-software.com/maillist.html