Solved

TACTEST from tacacs.net issue on Windows 7

Posted on 2015-02-10
4
489 Views
Last Modified: 2015-07-11
Background:
tacacs.net 1.3.1 installed on a Army AGM imaged Windows 7 desktop

I'm having issues getting the simply tactest utility from tacacs.net to pass.  I can't even get it to fail either.
I'm getting this message:
Error in processing response: The type initializer for '♥.' threw an exception.
Could not get pass-fail information

------------------

SUMMARY STATISTICS

------------------

Total Commands  .....................  1
Successes  ..........................  0
Failures  ...........................  0
No Results  .........................  1
Time Taken for commands  ............  0.046 secs
Avg Possible Transactions/Second  ...  21
Network Time per command  ...........  0 secs
Total Network time  .................  0 secs
Sent Transactions/Second  ...........  13.3



I've editted the tacacs.xml file to be the IP address of the TACACS+ system.
I've editted the clients.xml file to the IP address so that TACTEST can be run from TACACS+ system itself.
I've editted the authentication.xml file to uncomment the user1 and user2 entries (for testing only, of course)

The tacverify indicates the configuration files are ok.  The host firewalls have been temporarily disabled.  The tacacs.net service is running and telnet to the host shows ESTABLISHED when it connects.

Entry from the Debugging Log:
<87> 2015-02-10 13:37:42 Local address and port : X.X.X.21 49
<87> 2015-02-10 13:40:25 Device X.X.X.21:49808 is  allowed to connect based on settings for group LOCALHOST
<94> 2015-02-10 13:40:25 New client connection opened for X.X.X.21:49808 TID:7
<87> 2015-02-10 13:40:25 TOTAL connections: 1
<87> 2015-02-10 13:40:26 [X.X.X.21:49808] Could not receive data from client An existing connection was forcibly closed by the remote host. Client might have closed connection.

(Sorry - had to sanitize the IP address)

Any ideas?
0
Comment
Question by:Tracy Horstman
  • 3
4 Comments
 

Author Comment

by:Tracy Horstman
ID: 40601619
Upon further investigation -- I found that tactest is successful on a Windows 7 system that is not an Army AGM image (aka, DISA STIG'd) so I'm left to believe that somewhere in the STIG settings for Windows 7 the ability for tacacs.net to run properly is being hampered so if anyone has had any experience with tacacs.net running on a Windows 7 system that has been DISA STIG'd, I would love to hear from you
0
 
LVL 10

Expert Comment

by:Rafael
ID: 40602424
WOW, it's been a while since I had to work on AGM disks.  However, in many cases we found the issue to be in the security settings of the local registry. Especially in Kerberos. So...  I would first look at the security features first and go from there.
0
 

Accepted Solution

by:
Tracy Horstman earned 0 total points
ID: 40868568
Seems that is a security setting in AGM Windows 7 -- a needle in a haystack so opted to another route -- thanks to all who responded!
0
 

Author Closing Comment

by:Tracy Horstman
ID: 40877318
The security settings in Army Gold Disk version of Windows 7 are too numerous to determine where the cause of my problem would be so I just opted to go another route.
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
This article shows the method of using the Resultant Set of Policy Tool to locate Group Policy that applies a particular setting.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

831 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question