TACTEST from tacacs.net issue on Windows 7

Posted on 2015-02-10
Medium Priority
Last Modified: 2015-07-11
tacacs.net 1.3.1 installed on a Army AGM imaged Windows 7 desktop

I'm having issues getting the simply tactest utility from tacacs.net to pass.  I can't even get it to fail either.
I'm getting this message:
Error in processing response: The type initializer for '♥.' threw an exception.
Could not get pass-fail information




Total Commands  .....................  1
Successes  ..........................  0
Failures  ...........................  0
No Results  .........................  1
Time Taken for commands  ............  0.046 secs
Avg Possible Transactions/Second  ...  21
Network Time per command  ...........  0 secs
Total Network time  .................  0 secs
Sent Transactions/Second  ...........  13.3

I've editted the tacacs.xml file to be the IP address of the TACACS+ system.
I've editted the clients.xml file to the IP address so that TACTEST can be run from TACACS+ system itself.
I've editted the authentication.xml file to uncomment the user1 and user2 entries (for testing only, of course)

The tacverify indicates the configuration files are ok.  The host firewalls have been temporarily disabled.  The tacacs.net service is running and telnet to the host shows ESTABLISHED when it connects.

Entry from the Debugging Log:
<87> 2015-02-10 13:37:42 Local address and port : X.X.X.21 49
<87> 2015-02-10 13:40:25 Device X.X.X.21:49808 is  allowed to connect based on settings for group LOCALHOST
<94> 2015-02-10 13:40:25 New client connection opened for X.X.X.21:49808 TID:7
<87> 2015-02-10 13:40:25 TOTAL connections: 1
<87> 2015-02-10 13:40:26 [X.X.X.21:49808] Could not receive data from client An existing connection was forcibly closed by the remote host. Client might have closed connection.

(Sorry - had to sanitize the IP address)

Any ideas?
Question by:Tracy Horstman
  • 3

Author Comment

by:Tracy Horstman
ID: 40601619
Upon further investigation -- I found that tactest is successful on a Windows 7 system that is not an Army AGM image (aka, DISA STIG'd) so I'm left to believe that somewhere in the STIG settings for Windows 7 the ability for tacacs.net to run properly is being hampered so if anyone has had any experience with tacacs.net running on a Windows 7 system that has been DISA STIG'd, I would love to hear from you
LVL 10

Expert Comment

ID: 40602424
WOW, it's been a while since I had to work on AGM disks.  However, in many cases we found the issue to be in the security settings of the local registry. Especially in Kerberos. So...  I would first look at the security features first and go from there.

Accepted Solution

Tracy Horstman earned 0 total points
ID: 40868568
Seems that is a security setting in AGM Windows 7 -- a needle in a haystack so opted to another route -- thanks to all who responded!

Author Closing Comment

by:Tracy Horstman
ID: 40877318
The security settings in Army Gold Disk version of Windows 7 are too numerous to determine where the cause of my problem would be so I just opted to go another route.

Featured Post

Prepare for an Exciting Career in Cybersecurity

Help prevent cyber-threats and provide solutions to safeguard our global digital economy. Earn your MS in Cybersecurity. WGU’s MSCSIA degree program curriculum features two internationally recognized certifications from the EC-Council at no additional time or cost.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

This article will show you step-by-step instructions to build your own NTP CentOS server.  The network diagram shows the best practice to setup the NTP server farm for redundancy.  This article also serves as your NTP server documentation.
One thing I've always found frustrating is no matter how many times one asks the end users to not save things on their local machines, they do it anyway.  Forget that we don't back up the desktops - only the servers.  Well, let's sneak their data on…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…

587 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question