Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Miscellaneous error (34960)

1 view
Skip to first unread message

Bas

unread,
Dec 2, 2003, 10:30:13 AM12/2/03
to
I have a problem login in with the NTradTool into my Radius server. I have
the folowing setup: 3x NW 5.1 SP6, Edir 8.7.1. All are RW Read Write
replica's except one offcourse. I'm using a BM 3.6 with SP2a for the Radius
server.

I have created a LPO in the Security Object, and have setup 3 methods of
authentication. NDS(man) Dial-Access(man) Dial-access-CHAP(man). I have
selected the DAS object who resides in the Server Container.

I have setup one Client IP in the DAS with 192.168.2.200, and is a Generic
Radius client. And the username resolvement is set to the context where the
test user is resided.

The test user has been setup to use the DAS object. And login has been
enabled.

I have run the DIDIAG tool, and all keys are ok on every server.

But i get the folowing error when trying to login. : Access Rejected :
Miscellaneous error (34960)

NMAS 2.60
RADIUS 3.27

[2003-12-02 04:07:10 PM] Deleting file "sys:etc\radius\log\20031125.log",
failed
[2003-12-02 04:07:10 PM] Parameter count = 3
[2003-12-02 04:07:10 PM] argv[0] = SYS:SYSTEM\RADIUS.NLM
[2003-12-02 04:07:10 PM] argv[1] = name=.DAS_LINGE.linge
[2003-12-02 04:07:10 PM] Tree Name = "<null>"
[2003-12-02 04:07:10 PM] Login Name = "<null>"
[2003-12-02 04:07:10 PM] Name = ".DAS_LINGE.linge"
[2003-12-02 04:07:10 PM] Workers = 0
[2003-12-02 04:07:10 PM] Port = 0
[2003-12-02 04:07:10 PM] Error encountered = 0
[2003-12-02 04:07:10 PM] Checking if parameters are to be retrieved from
Registry
[2003-12-02 04:07:10 PM] Got Tree Name from registry, "<null>"
[2003-12-02 04:07:10 PM] Got Login Name from registry, "<null>"
[2003-12-02 04:07:10 PM] Got Number Threads from registry, 5
[2003-12-02 04:07:10 PM] Got Service Port from registry, 1645
[2003-12-02 04:07:10 PM] Got Accounting Port from registry, 1646
[2003-12-02 04:07:10 PM] Got Accounting Path from registry,
"sys:\etc\radius\acct"
[2003-12-02 04:07:10 PM] Got Accounting File Format from registry, "comma"
[2003-12-02 04:07:10 PM] Got RollOver from registry, "daily"
[2003-12-02 04:07:10 PM] Services supported, [2003-12-02 04:07:10 PM]
"authentication" [2003-12-02 04:07:10 PM] "accounting" [2003-12-02 04:07:10
PM]
[2003-12-02 04:07:10 PM] Got Accounting Attribute File from registry,
sys:\etc\radius\radacct.atr
[2003-12-02 04:07:10 PM] Got Authentication Path from registry,
sys:etc\radius
[2003-12-02 04:11:40 PM] Debug logging enabled to file
sys:etc\radius\debug\raddbg.log
[2003-12-02 04:11:41 PM] CopyCache:
[2003-12-02 04:11:44 PM] 2) [(ip) 192.168.2.200:1158], Received 49 Bytes
(Access-Request (1))
[2003-12-02 04:11:44 PM] [(total=2) (p=1) (d=0) (r=0) (acc=0) (rej=0)]
[2003-12-02 04:11:44 PM] <2> Done GetNextMessage [(ip) 192.168.2.200:1158]:
time:2734518
[2003-12-02 04:11:44 PM] -------- START : (Access-Request (1)) [(ip)
192.168.2.200:1158]: time:5524560---
[2003-12-02 04:11:44 PM] CACHE: CacheDomainListExist(DAS_LINGE.linge),
using cache
[2003-12-02 04:11:44 PM] AuthRequestHandler(), Calling RequestHandler.
[2003-12-02 04:11:44 PM] CACHE:
CacheReadSecretForNASAddress(DAS_LINGE.linge), using cache
[2003-12-02 04:11:44 PM] CacheGetDNForName entered
[2003-12-02 04:11:44 PM] CACHE: CacheGetEnableCNLogin(DAS_LINGE.linge),
using cache
[2003-12-02 04:11:44 PM] ResolveNameByNDSFind
[2003-12-02 04:11:44 PM] ResolveNameByNDSFind retured 34960[2003-12-02
04:11:44 PM] (->)CacheGetDNForName:NWDSReadObjectInfo(infotheek), failed,
34960 (0x8890), time:20
[2003-12-02 04:11:44 PM] ->Sending Access-Reject (3) [(ip)
192.168.2.200(1158)] count=20
[2003-12-02 04:11:44 PM] ->Inserting into RespQ , code(3) id(38).
[2003-12-02 04:11:44 PM] -------- END : (Access-Request (1)) [(ip)
192.168.2.200:1158]: time:5524591---
[2003-12-02 04:11:44 PM] CopyCache:
[2003-12-02 04:11:47 PM] CopyCache:
[2003-12-02 04:11:50 PM] CopyCache:


My quess is that the RADIUS cant find the NDS name's, or cant read them.
What could be the problem here ?

Thanks in advance, Bastiaan.


Craig Johnson

unread,
Dec 4, 2003, 12:15:22 AM12/4/03
to
In article <9e2zb.13997$I04....@prv-forum2.provo.novell.com>, Bas wrote:
> My quess is that the RADIUS cant find the NDS name's, or cant read them.
> What could be the problem here ?
>
I'm not much good a RADIUS troubleshooting, since I have little experience
with it... Do you have a replica on the server holding the user object?
(Test against a user account that IS on a local replica, and see if that
works).

Craig Johnson
Novell Support Connection SysOp
*** For a current patch list, tips, handy files and books on
BorderManager, go to http://www.craigjconsulting.com ***

Bas

unread,
Dec 4, 2003, 3:04:05 PM12/4/03
to
Hi Graig,

The Bordermanager (RADIUS) is a Read/Write replica, if thats what you mean.
How can i asign a user to a replica? Never heard about it, sorry.

Bastiaan.

"Craig Johnson" <cra...@ix.netcom.com> wrote in message
news:VA.0000349...@ix.netcom.com...

Craig Johnson

unread,
Dec 5, 2003, 6:00:37 PM12/5/03
to
In article <VqMzb.1615$gd....@prv-forum3.provo.novell.com>, Bas wrote:
> The Bordermanager (RADIUS) is a Read/Write replica, if thats what you mean.
> How can i asign a user to a replica? Never heard about it, sorry.
>
Does the replica include an OU where the user accounts exist?
0 new messages