Re: Matching realm in a connection policy
- From: Chris Hills <chills@xxxxxxxxxxxxxx>
- Date: Tue, 07 Jun 2005 10:36:55 +0100
Manjunath Bharadwaj [MSFT] wrote:
Chris
Are you sure that IAS is getting the user name in user@domain format? Or does it get it in domain\user format? I would suggest that you try a netmon/ethereal capture on your RADIUS packet and then formulate your username manipulation rule. If you attach your netmon capture someone on the newsgroup can take a look.
(try a generic matching syntax ^.*abc.*$ and see if that works?).
Thanks, Manju
Manju
From Event Viewer, I can see the following:-
User chills@xxxxxxxxxx was denied access. Fully-Qualified-User-Name = ABC\user@xxxxxxxxxxxxxx NAS-IP-Address = 172.18.100.14 NAS-Identifier = <not present> Called-Station-Identifier = <not present> Calling-Station-Identifier = 00-06-5B-E4-0E-0B Client-Friendly-Name = Someswitch Client-IP-Address = 172.18.100.14 NAS-Port-Type = Ethernet NAS-Port = 238 Proxy-Policy-Name = abc.domain.edu Authentication-Provider = Windows Authentication-Server = <undetermined> Policy-Name = <undetermined> Authentication-Type = EAP EAP-Type = <undetermined> Reason-Code = 8 Reason = The specified user account does not exist.
Regards
-- Chris Hills IT Services North East Worcestershire College .
- Follow-Ups:
- Re: Matching realm in a connection policy
- From: Manjunath Bharadwaj [MSFT]
- Re: Matching realm in a connection policy
- References:
- Matching realm in a connection policy
- From: Chris Hills
- Re: Matching realm in a connection policy
- From: Manjunath Bharadwaj [MSFT]
- Matching realm in a connection policy
- Prev by Date: Re: A certification chain processed correctly, but one of the CA certificates is not trusted by the policy provider.
- Next by Date: Re: Matching realm in a connection policy
- Previous by thread: Re: Matching realm in a connection policy
- Next by thread: Re: Matching realm in a connection policy
- Index(es):
