couple of questions :)

Hey guys,

1. I've got my 3rd shot at the 291 coming up on 5/7/7, without breaking the NDA I remember something about SSL errors, can anyone tell me what log files I should check for SSL errors (probably recorded by IIS).

2. IAS connection request processing, am i right in thinking this is like conditional forwarding so when clients logon with a UPN if the domain matches a policy it will forward it to another access server with accounts for that domain?

thats about it for now any help is appreciated

thanks,

Find more posts tagged with

Comments

Yisrael48

Well most of the time you check the IIS6 log files, the next question is not
clear for me but then againt i am no native english speaker.

Sharepoint Guy

IAS is not really like conditional formating. Conditional formating basically say that if a certain criteria is met then something will happen to the formating.

IAS uses policies. Policies are not like conditional formating at all. a policy says this is what I want to do.

You are referring to the connection though. Remember this: IAS is an AAA. Authenication, Authorization and Accounting.

It sounds like you are close but you do need a bit of touch up on the RADIUS stuff.

As for the first question the poster above is correct. The IIS log files are usually stored like this:
C:\WINDOWS\system32\Logfiles\W3SVC1.
C:\WINNT\system32\Logfiles\W3SVC1

Good Luck

tsunami55

Hi, thanks for your responses,

the problem i'm having with IAS is with the 'connection request processing'. What i was wondering was about the connection request policies not the remote access policies. To me it read like conditional forwarding. Say you had a domain 'domain.com' and someone attempted logon with domain\administrator account, if you have RADIUS setup correctly in RRAS the account is verified by IAS not RRAS. But under the connection request processing it appears you can setup a policy to forward certain requests to a remote RADIUS server groups, this is why i wondered if it was like conditional forwarding of certain accounts. e.g. Say someone logged on with subdomain\administrator instead, if the policy is configured correctly the request would be forwarded to a remote server group that authenticates instead?

Thats what it read like to me I just wondered how close to the mark I am

n.b. It seems you can set it up to pass to remote groups based on the calling number or called number aswell

Sharepoint Guy

I see what you are asking. Yes you are on top of it. I'n not sure it would ever be called called conditional formatting, but you got it. That is correct.