Re: IAS suddenly stopped working for some time and then magically

James,

I would like to add that I've noted the same behavour as Rainer - related to
the failing of authentication if the SQL transaction fails. I can understand
the reasoning from a security standpoint in a highly secure environment.
You've indicated that if both text logging and sql logging are enabled, then
authentication will not fail upon loss of sql logging alone. Other MS
documents also support this statement. However, from what I can tell, a loss
of sql logging will cause a failure in authentication - regardless if text
logging is enabled or not. I'm just in the process of setting our IAS up
(still testing) and don't have any previous experience with it, so it may be
possible that I have something configured incorrectly. I found this thread
after trying to test the very feature (using both sql and text logging - then
'breaking it's sql logging capability). It appears that a successful
authentication is logged in the text file even with the sql log failure -
however the connection actually fails authentication. The IAS Server System
Log also indicates authentication failure in this scenario for me.

Like Rainer, I would also like to see the SQL Logging be configurable - with
a choice to allow authentication even if the logging failed. Additionally,
I'm not sure if there is a documentation error or I have a configuration
issue related to the above authentication failure even with the dual logging
configuation.

Thanks,
Brian Brocker


"Rainer Sinsch" wrote:

Hi James,

thanks for forwarding the feature request! I have written an email to your
provided email-address (removed the no-spam) with all my detailed contact
information.

/Rainer

"James McIllece [MS]" <jamesmci@xxxxxxxxxxxxxxxxxxxx> schrieb im Newsbeitrag
news:Xns994C8CFD113F6jamesmcionlinemicros@xxxxxxxxxxxxxxxx
"James McIllece [MS]" <jamesmci@xxxxxxxxxxxxxxxxxxxx> wrote in
news:Xns994C8ADFC82F3jamesmcionlinemicros@xxxxxxxxxxxxx:

"Rainer Sinsch" <no@xxxxxxx> wrote in news:f4jqbd$20p$1@xxxxxxxxxxxx:

If SQL fails the whole authentication
process fails. I know that one can argue with security precautions -
but it is ridiculous that this one is not configurable.

Hi Rainer --

Thanks for providing this feedback, I have forwarded your feature
request to the devs and other team members. Just thought I would let
you know.


Hi again --

The product team would like to discuss your idea and get additional
feedback from you, if possible. Can you please email me at wsdocs@no-
spam.microsoft.com and I will send your email address to the product
manager for IAS (who requested it)? Thanks much Rainer.

--
James McIllece, Microsoft

Please do not send email directly to this alias. This is my online
account
name for newsgroup participation only.

This posting is provided "AS IS" with no warranties, and confers no
rights.



.

Relevant Pages
Loading