Re: IAS suddenly stopped working for some time and then magically

Hi Brian --

Thanks very much for this information, I have forwarded your comments to
the product team as well. When I have time I will investigate this further
with an eye to updating the documentation if I can reproduce the behavior
you have experienced.

Again I really appreciate your feedback.

James

=?Utf-8?B?QnJpYW4gQnJvY2tlcg==?= <Brian
Brocker@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
news:59FE26A9-51BE-4BA6-B9F5-2654880C7EEC@xxxxxxxxxxxxx:

James,

I would like to add that I've noted the same behavour as Rainer -
related to the failing of authentication if the SQL transaction fails.
I can understand the reasoning from a security standpoint in a highly
secure environment. You've indicated that if both text logging and sql
logging are enabled, then authentication will not fail upon loss of
sql logging alone. Other MS documents also support this statement.
However, from what I can tell, a loss of sql logging will cause a
failure in authentication - regardless if text logging is enabled or
not. I'm just in the process of setting our IAS up (still testing) and
don't have any previous experience with it, so it may be possible that
I have something configured incorrectly. I found this thread after
trying to test the very feature (using both sql and text logging -
then 'breaking it's sql logging capability). It appears that a
successful authentication is logged in the text file even with the sql
log failure - however the connection actually fails authentication.
The IAS Server System Log also indicates authentication failure in
this scenario for me.

Like Rainer, I would also like to see the SQL Logging be configurable
- with a choice to allow authentication even if the logging failed.
Additionally, I'm not sure if there is a documentation error or I have
a configuration issue related to the above authentication failure even
with the dual logging configuation.

Thanks,
Brian Brocker


"Rainer Sinsch" wrote:

Hi James,

thanks for forwarding the feature request! I have written an email to
your provided email-address (removed the no-spam) with all my
detailed contact information.

/Rainer

"James McIllece [MS]" <jamesmci@xxxxxxxxxxxxxxxxxxxx> schrieb im
Newsbeitrag
news:Xns994C8CFD113F6jamesmcionlinemicros@xxxxxxxxxxxxxxxx
"James McIllece [MS]" <jamesmci@xxxxxxxxxxxxxxxxxxxx> wrote in
news:Xns994C8ADFC82F3jamesmcionlinemicros@xxxxxxxxxxxxx:

"Rainer Sinsch" <no@xxxxxxx> wrote in
news:f4jqbd$20p$1@xxxxxxxxxxxx:

If SQL fails the whole authentication
process fails. I know that one can argue with security
precautions - but it is ridiculous that this one is not
configurable.

Hi Rainer --

Thanks for providing this feedback, I have forwarded your feature
request to the devs and other team members. Just thought I would
let you know.


Hi again --

The product team would like to discuss your idea and get additional
feedback from you, if possible. Can you please email me at
wsdocs@no- spam.microsoft.com and I will send your email address to
the product manager for IAS (who requested it)? Thanks much Rainer.

--
James McIllece, Microsoft

Please do not send email directly to this alias. This is my online
account
name for newsgroup participation only.

This posting is provided "AS IS" with no warranties, and confers no
rights.







--
James McIllece, Microsoft

Please do not send email directly to this alias. This is my online account
name for newsgroup participation only.

This posting is provided "AS IS" with no warranties, and confers no rights.
.

Relevant Pages

  • RE: SMTP Stopped working
    ... I have turned on all of the logging and it turns out that there is an authentication problem. ... > NCSA) on the SMTP Virtual Server. ...
    (microsoft.public.exchange.connectivity)
  • Technique for centralized web service authentication, logging, etc.
    ... (authentication, logging, exception handling). ... private delegate ReturnType GetSomeDataImplDelegate(SomeType param1); ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: IAS suddenly stopped working for some time and then magically
    ... the failing of authentication if the SQL transaction fails. ... You've indicated that if both text logging and sql logging are enabled, ... authentication will not fail upon loss of sql logging alone. ...
    (microsoft.public.internet.radius)
  • Re: Login Problems
    ... The user/password popup login ... They are logging in correctly with just name ... >> We have IIS set to basic authentication for the site ...
    (microsoft.public.sharepoint.windowsservices)
  • Forward FTP traffic on PIX 515
    ... I am unable to foward FTP traffic to my internal server. ... logging timestamp ... timeout xlate 3:00:00 ... aaa authentication enable console LOCAL ...
    (comp.dcom.sys.cisco)