000019585 - RADIUS authentication doesn't work; RADIUS debug shows: ignored; no user name

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000019585
Applies ToRSA ACE/Server 4.1 (no longer supported as of 2-1-2004)
RADIUS
Local test authentication works correctly
IssueRADIUS authentication doesn't work; RADIUS debug shows: ignored; no user name
In the raddebug.log: received unknown attribute %d 1
In the raddebug.log: received unknown attribute %d 2
Nothing in RSA ACE/Server logs
Authentication works correctly when using ACE/Agent's Test Authentication or sdshell
There are no listed attributes to choose from when adding a profile
CauseThere is no dictionary loaded into the ACE/Server database, so it can't understand a RADIUS authentication request
ResolutionTo correct this, perform the following steps:
1.  Make sure the Radius Service is stopped before running the loadraddb command
2.  Make sure you include the path to both the dictionary AND securidmapfile
3.  Compare content AND size of dictionary and securidmapfile to those in a working installation and, if different, replace
4.  Use the following syntax to run the loadraddb command:
loadraddb xyzzy /path_to_dictionary/dictionary /path_to_securidmapfile/securidmapfile
(the default versions of both files are in ace/data)
Check the ACE/Server Version. It must be v. 3.3.1 patch 14 or newer. There are two ways to add the dictionary:

First:
1.  Click START> Programs> Command Prompt
2.  At the C:\> Prompt type the following command:
cd \ace\prog  and then press ENTER.
3.  At the c:\cd \ace\prog, prompt type the following command:
loadraddb xyzzy c:\ace\data\dictionary c:\ace\data\securidmapfile

This will load the dictionary to the ACE/Server. If this procedure does not work, perform the following steps:

Second:
1.  Insert ACE/Server installation CD-ROM in drive
2.  Run the following (assuming D: is your CD-ROM drive) D:\aceserv\NT_i386\setup.exe
3.  On the welcome screens, select Next on both
4.  Select License screen, select country of license, and then select Next
5.  License Agreement Read and select Yes or No (if you select No, the installation ends)
6.  Read the Warnings, if any, then select Next
7.  Select New Import Files, and then select Next
8.  Select Available Input Files, and then select Next
9.  Under Installation Options, select Radius, (or if grayed out), then select Next
10.  Select RADIUS Accounting Directory (must be in \ACE\Data\radacct), then select Next
11.  Under RADIUS Options, select RADIUS Dictionary File and select Next
12.  Under Dictionary File (should be in \ACE\Data\Dictionary), select Next
13.  Start Copying Files and select Next (files are copied and the setup closes)
Check if there are any attributes in your database by performing the following steps:

1.  Run the ACE/Server administration program (sdadmin) from the ACEPROG directory
2.  Pull down the Profiles menu and add a profile
3.  Check the available attributes - if there are none there, you do not have a RADIUS dictionary loaded

To manually load the default RADIUS dictionary, run the command "loadraddb" found in the ACEPROG directory:

./loadraddb xyzzy ../data/dictionary ../data/securidmapfile

xyzzy                  - <key>
dictionary            - <dictionary file name>
securidmapfile      - <map file name>
Workaroundsdnewdb has been executed
Legacy Article IDa10584

Attachments

    Outcomes