Re: IAS logging to SQL

Tech Tip: Click here to run a free scan for Windows Errors and optimize PC performance

From: Manjunath Bharadwaj [MSFT] (mbhara_at_online.microsoft.com)
Date: 03/04/05 

Date: Fri, 4 Mar 2005 07:46:56 -0800

Thomas

The IAS attribute information is stored only in the dnary.mdb file. There
are places in code that we check / assert for some attributes that might
need custom handling. So, you should be aware that if you modify dnary.mdb,
you may not always get what you expect.

I can suggest something, but I am not sure if it would work (I have not
verified this by making the Cisco device send this attribute). Open
dnary.mdb and unhide all columns as we discussed in the other thread
("Locking down IAS and NAS"). Add an entry number 5001 for your new
attribute of type string. Vendor ID 9, Vendor type id 2. The other check
boxes you should turn on depending on what the Cisco RFC says where the
attribute can be present (if unsure, check every check box for now and youc
an get to it later). You can put anything as the ldap name (dont introduce a
clash with any existing names).

Once again, changing dnary.mdb is not portable. Let us know if this works
for you.
Thanks, Manju

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
http://www.microsoft.com/technet/community/chats/default.mspx
Customer chat event:
Setting up Secure Infrastructure for Wireless Network (March 29, 2005,
1:00 - 2:00 P.M. Pacific Time)
Setting up a secure infrastructure for wireless network can be complex and
challenging. Bring your questions and comments to the table and interact
with experts from the Internet Authentication Service team to get them
answered. Find out how you can use IAS as the RADIUS server to set up an
802.1x network and how you can set up underlying systems like Certification
Authority service, Active Directory and Group Policy.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
This posting is provided "AS IS" with no warranties, and confers no rights

Relevant Pages

  • XPSP2 Wireless Network Startup with IAS and PEAP Auth.
    ... We have now successfully configured wireless network access over WPA, IAS ... The problem we have now is that despite we have a successfull computer ... authentication on IAS, ...
    (microsoft.public.internet.radius)
  • Re: IAS-proxy and adding attributes part 2
    ... The custom dll has to export some functions. ... thread a few weeks ago called "Locking down IAS and NAS". ... Setting up Secure Infrastructure for Wireless Network (March 29, 2005, ... with experts from the Internet Authentication Service team to get them ...
    (microsoft.public.internet.radius)
  • Re: IAS logging to SQL
    ... Authentication requests are processed normally BUT the value of ... > The IAS attribute information is stored only in the dnary.mdb file. ... > Setting up a secure infrastructure for wireless network can be complex and ... > with experts from the Internet Authentication Service team to get them ...
    (microsoft.public.internet.radius)
  • Re: RADIUS authentication stopped working after SP1 with WAP.
    ... Take a look in the System Event log in Event Viewer to look for an event ... If that's not the case then what event messages are you getting from IAS? ... RADIUS has stopped working on my wireless network. ...
    (microsoft.public.windows.server.sbs)
  • Re: IAS service start up problem
    ... And the IAS logs will be stored in %windir%\tracing. ... Setting up Secure Infrastructure for Wireless Network (March 29, 2005, ... with experts from the Internet Authentication Service team to get them ...
    (microsoft.public.internet.radius)