Re: How does IAS authenticate using Active Directory

Tech Tip: Click here to run a free scan for Windows Errors and optimize PC performance

From: Andrew (abartlem_at_vasco.com)
Date: 11/23/04

Next message: Sam Salhi [MSFT]: "Re: WPA with IAS and PEAP-EAP-TLS Auth. and CA on W2003 standard"
Previous message: C Hall: "Accounting question"
In reply to: Sam Salhi [MSFT]: "Re: How does IAS authenticate using Active Directory"
Next in thread: Sam Salhi [MSFT]: "Re: How does IAS authenticate using Active Directory"
Reply: Sam Salhi [MSFT]: "Re: How does IAS authenticate using Active Directory"
Messages sorted by: [ date ] [ thread ]

Date: 22 Nov 2004 22:37:17 -0800

I think I am confused. I thought that you needed the password (or
hash) to validate the RADIUS request ie MS-CHAP is a one-way hash.

If IAS does not have the user's password, how does IAS verify the
RADIUS request? (ie what function would it use?)

"Sam Salhi [MSFT]" <samers@online.microsoft.com> wrote in message news:<OsISNyL0EHA.2600@TK2MSFTNGP09.phx.gbl>...
> IAS gets it from the access request. munged with some other stuff. IAS will
> decrypt it and use it
>
>
> --
> =============================================
> This posting is provided "AS IS" with no warranties, and confers no rights
>
> Join us on Nov 29th 1:00 to 2:00 PM PST, for an online webchat on "Using and
> troubleshooting RADIUS using IAS"
> This chat will help you resolve all of your RADIUS/IAS issues. You can ask
> about RADIUS, IAS, 802.1x, Active directory configuration and Certificate
> services, related to IAS and RADIUS
> Follow this link to join the chat
> http://www.microsoft.com/communities/chats/default.mspx#04_Nov29_IAS_RADIUS
> =============================================
>
> "Andrew" <abartlem@vasco.com> wrote in message
> news:774cf399.0411211708.5430fa9f@posting.google.com...
> > okay,
> > but where/how does IAS get the user's password hash?
> >
> > Andrew
> >
> >
> > "Sam Salhi [MSFT]" <samers@online.microsoft.com> wrote in message
> > news:<#HoYWwhzEHA.3408@tk2msftngp13.phx.gbl>...
> >> With the exception of PAP, IAS doesn't know the password, or gets the
> >> password back from AD,
> >> It's normally the hash of the password
> >>
> >>

Next message: Sam Salhi [MSFT]: "Re: WPA with IAS and PEAP-EAP-TLS Auth. and CA on W2003 standard"
Previous message: C Hall: "Accounting question"
In reply to: Sam Salhi [MSFT]: "Re: How does IAS authenticate using Active Directory"
Next in thread: Sam Salhi [MSFT]: "Re: How does IAS authenticate using Active Directory"
Reply: Sam Salhi [MSFT]: "Re: How does IAS authenticate using Active Directory"
Messages sorted by: [ date ] [ thread ]

Relevant Pages

Re: Newbe-IAS hardware configuration when authenticating web users against domain where web serv
... The ISA server does not examine the RADIUS traffic -- you simply configure ... The IAS proxy is configured as a RADIUS client ...
(microsoft.public.internet.radius)
Re: Refreshing Encryption Keys with WPA
... troubleshooting RADIUS using IAS" ... This chat will help you resolve all of your RADIUS/IAS issues. ... >>> My Cisco AP is not honoring it ... ...
(microsoft.public.internet.radius)
Re: ReasonCode=97 with netgear and intel
... You can ask about RADIUS, IAS, 802.1x, Active directory configuration and Certificate services, related to IAS and RADIUS ... "Ralf Laemmermeyer" wrote in message ... sometimes i get additionally the error message: ...
(microsoft.public.internet.radius)
Re: SSID restriction
... This posting is provided "AS IS" with no warranties, and confers no rights ... This chat will help you resolve all of your RADIUS/IAS issues. ... You can ask about RADIUS, IAS, 802.1x, Active directory configuration and Certificate services, related to IAS and RADIUS ...
(microsoft.public.internet.radius)
Re: Configure Radius
... You can automate the configuration of IAS by using the SDO interfaces. ... > Is there a way to setup a RADIUS server with some command-line tool. ...
(microsoft.public.internet.radius)