Powered by Jitbit .Net Forum free trial version. dismiss

HomeBugs

Bugs

AD Authentication matches wrong usernames Messages in this topic - RSS

Bernie
Bernie
Posts: 205


8.11.2017
Bernie
Bernie
Posts: 205
Hi,

the following situation:
We have more SSIDs. Special groups have wlan access to a special wlan ssid. For some weeks is it possible that some users can log in to other ssids but not all.
Our config:
Feyerabendt.Antonia@dbjw.local AD member of Domänen-Benutzer (Domain-users), AD-WLAN_JH-Chemnitz -> primary group
Schön.Domi@dbjw.local AD member of Domänen-Benutzer (Domain-users), AD-WLAN_JH-Chemnitz -> primary group

In TekRADIUS:
Group Default
TekRADIUS-Status check disabled
Simultaneous-Use check 1
TLS-Server-Certificate check Radius.dbjw.local
Session-Timeout success-Reply 300
Idle-Timeout success-Reply 300
Group AD-WLAN_JH-Chemnitz
Called-Station-Id check :UMA
Simultaneous-Use check 1
Active-Directory-Group check AD-WLAN_JH-Chemnitz
TLS-Server-Certificate check Radius.dbjw.local
Session-Timeout success-Reply 300
Idle-Timeout success-Reply 300

User Feyerabendt.Antonia@dbjw.local can login to ssid GAST3259 but it should be forbidden. User Schön.Domi@dbjw.local can not login ssid GAST3259 wich is correct.
Now we have a lot of users like Feyerabendt.Antonia@dbjw.local.

You can got a log file as developer, but not here as a public file.

Best reguards
Bernie
0 link
Admin
Admin
Administrator
Posts: 4992


8.11.2017
Admin
Admin
Administrator
Posts: 4992
Please send me TekRADIUS log, yasin.kaplan at kaplansoft.com.
0 link
Admin
Admin
Administrator
Posts: 4992


9.11.2017
Admin
Admin
Administrator
Posts: 4992
Hi,


Please apply update at https://www.kaplansoft.com/tekradius/release/TekRADIUS-Update.zip (5.3.4.8)


Please also delete C:\Program Files (x86)\TekRADIUS\TekRADIUS.db file while updating.


Best regards,


Yasin KAPLAN
0 link
Bernie
Bernie
Posts: 205


15.11.2017
Bernie
Bernie
Posts: 205
Hi,

the error "No user with username ...." has not occurred.

Best reguards,
Bernie
0 link
Admin
Admin
Administrator
Posts: 4992


15.11.2017
Admin
Admin
Administrator
Posts: 4992
Is there any other issue?
0 link
Bernie
Bernie
Posts: 205


16.11.2017
Bernie
Bernie
Posts: 205
The patch I have installed at 2017-11-10.
I can not interpret. I do an sql query:

SELECT Accounting.TimeStamp, Accounting.SessionID, Accounting.StatusType, [InputOcts]/1024/1024/8 AS [Gesendet MB], [OutOcts]/1024/1024/8 AS [Empfangen MB], Accounting.UserName, Accounting.NasIPAddr, Accounting.NasIdentifier, Accounting.NasPortType, Accounting.FramedIPAddr, Accounting.CallingStationID, Accounting.CalledStationID, [AcctSessTime]/3600 AS [Dauer in h], Accounting.DisconnectCause, Accounting.Amount
FROM Accounting
WHERE (((Accounting.TimeStamp)>=GetDate()-10) AND ((Accounting.UserName) Like '%demjanenko%' Or (Accounting.UserName) Like '%sukwinder%') AND ((Accounting.CalledStationID) Like '%GAST%'))
ORDER BY Accounting.TimeStamp;

This brings Accounting Stops with no Accounting Starts after 2017-11-10. You see the outputs of the sql query as a semicolon separate file as attachment.

Attachments:
sql-query.csv
0 link
Admin
Admin
Administrator
Posts: 4992


16.11.2017
Admin
Admin
Administrator
Posts: 4992
Do you observe any error message for RADIUS Accounting start packets in TekRADIUS log?
0 link
Bernie
Bernie
Posts: 205


16.11.2017
Bernie
Bernie
Posts: 205
Please give me an idea for search words...?
0 link
Admin
Admin
Administrator
Posts: 4992


16.11.2017
Admin
Admin
Administrator
Posts: 4992
Look for keyword "Debug" (Without quotes)
0 link
Bernie
Bernie
Posts: 205


16.11.2017
Bernie
Bernie
Posts: 205
Hi,
I have mailed you 3 log files in which is included „debug“. But I would say this has nothing to do with accounting start.
Best reguards
Bernie
0 link
Admin
Admin
Administrator
Posts: 4992


16.11.2017
Admin
Admin
Administrator
Posts: 4992
Hi,

Please apply the latest update at;

https://www.kaplansoft.com/tekradius/release/TekRADIUS-Update.zip (5.3.4.10)

I recommend you to increase RADIUS Accounting timeout in your access servers since
your SQL server responds slow time to time. Please also set Logging = Developer in
TekRADIUS if you experince RADIUS Accounting Start problem in order to get detailed
diagnostic output. You can also try to use MS SQL profiler to trace SQL queries
executed for Accounting Start events.

Best regards,

Yasin KAPLAN
0 link






Powered by Jitbit Forum 8.3.8.0 © 2006-2013 Jitbit Software