• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 393
  • Last Modified:

RRAS Server on a Domain to use local authentication

Hello everyone,

I have a Windows 2003 Server running RAS.  I have been trying to establish a dial-in connection to this server from another pc using CHAP authentication.  I have been able to make a connection when the server is not part of our domain.  However, I need this server to be a member of the domain.  When it is on the domain, I get an error saying that the user failed to authenticate.

I know that reversibly encrypted passwords need to be enabled, and I have done that.  I have reset the passwords so that this setting will catch.  I have set up each user to allow dial-in connections.  Encrypted passwords and dial-in settings are the same on both the local server and our PDC.

As a workaound, is there a way i can have the RAS server join the domain, but authenticate dial-up users locally???  Also, if anyone has any ideas as to how I can make this work by using the PDC to authenticate these users, that would help too.  Thanks!
0
pwi11
Asked:
pwi11
  • 2
1 Solution
 
pwi11Author Commented:
Ok, I think I found where the problem occurs.  In the IASSAM.LOG file, there are errors stating:

Opening LDAP connection to server.domain.local.
Access denied -- purging Kerberos ticket cache.
Retring LDAP connection to server.domain.local.
LDAP connect failed: Access is denied.
Using downlevel dial-in parameters.
Could not open an LDAP connection to domain DOMIAN.
NTDomain::getConnection failed: Access is denied.
Per-user attribute retrieval failed: Access is denied.

So I imagine that some type of setting in the active directory is causing this.  I have no idea how to fix this.  Any ideas???
0
 
pwi11Author Commented:
I added the RAS server to the list of RAS and IAS servers in the Active Directory group on our PDC.  I also rejoined the domain, then logged into the RAS server using a domain login.  It now works.  I'm not exactly sure why, but i'm glad it does.  Problem solved.
0
 
moduloCommented:
PAQed with points refunded (500)

modulo
Community Support Moderator
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: Microsoft Office 2010

This course will introduce you to the interfaces and features of Microsoft Office 2010 Word, Excel, PowerPoint, Outlook, and Access. You will learn about the features that are shared between all products in the Office suite, as well as the new features that are product specific.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now