none
IAS extension dll for using sql server as radius authentication RRS feed

  • Question

  • Hello. Im searching information about any .dll or more specifications about the "IAS extension DLL" speaked in this url:

    http://technet.microsoft.com/en-us/library/cc757302(WS.10).aspx

    We need some way to connect the IAS with a MS sql server, for the web Citrix (Radius).

    As i saw, the only way is deploying that dll with the specifications above (there is no free dll on internet). But i think we are not enough skilled for that task, as we have never worked with radius, neither with eap or other encryptions. We are "so common" C#NET developers.

    Any suggestions?

    Thanks.
    Paul.
    Monday, March 8, 2010 8:39 PM

Answers

  • Hi Paul,

    I have implemented similar sort of IAS implementation as extension dll. Initially I also faced many problems while implementing the same since there is very less information available on internet. Although whatever the information is available they are scattered and not properly organized. With my experience I can share something with you which might be of help to you.

    If you are looking for any free dll on internet then u might return empty handed. From you above post it seems you want to implement something where the client is you web citrix which will be connecting to the IAS server on Win2003 server or NPS server on Win2008 server. The IAS/NPS will inturn connect to MS SQL server for further authentication or authorization process.

    As per my understanding IAS/NPS understands only the unmanaged windows dll. So I would suggest to use VC++ to create MFC Extension dll which will expose following functions as part of dll:

    1) RadiusExtensionInit 2) RadiusExtensionProcessEx 3) RadiusExtensionFreeAttributes 4) RadiusExtensionTerm

    You can get the signature of these functions from MSDN

    Within the RadiusExtensionProcessEx function you will have to write the code which will connect with your MS SQL and do further processing. Once you are done with the dll, then you will have to create following registry entries:

    Refer: http://msdn.microsoft.com/en-us/library/bb892024%28VS.85%29.aspx

    The extension dlls can be registered and hence by the above mentioned registry entries only you can notify the IAS/NPS about that dll. Once the registry entries are done, restart the IAS/NPS server, now make a hit from the citrix web client to IAS/NPS. IAS/NPS will look for the above registry entry and if any dll is referred then it sarts calling the 2nd function with each call as mentioned above.

    One more thing if your IAS/NPS sever is on 64-bit machine then you will have to build the 64-bit version of the dll.

    Thanks,

    Ashish

    • Marked as answer by factorial Thursday, March 25, 2010 11:38 AM
    Wednesday, March 24, 2010 6:28 AM

All replies

  • Currently, IAS/NPS supports MS SQL server for RADIUS Accounting.

    In what way are you looking to 'connect the IAS with a MS sql server'?

    Assuming you are looking to use SQL server to store your user credentials, then yes, you will need to create an NPS extension DLL in order to authenticate using NPS. This is a good use for NPS extension DLLs (utilizing a user database other than AD or the local Windows account store) but as you mention, it is no light task. At the very least, a solid understanding of RADIUS would be necessary.

    Another option would be to use Active Directory as your user identity manager.

    This TechNet forum post is provided "AS IS" with no warranties, and confers no rights. This entry reflects my own personal views and does not necessarily reflect the view of my employer.
    Monday, March 8, 2010 9:59 PM
  • Thanks for response. Yes we need to authenticate against a MS sql server 2005. The point is that we need to use a "passcode" (PIN) (>> thats the reason of using sql server), and the AD user/password (BOTH things) in the process of authentication in Citrix Web interface.

    As i said, we are junior developers, and we need this solution fast, i think we will need to use the open source radius freeradius.

    Thanks.
    Tuesday, March 9, 2010 11:06 AM
  • Hi Paul,

    I have implemented similar sort of IAS implementation as extension dll. Initially I also faced many problems while implementing the same since there is very less information available on internet. Although whatever the information is available they are scattered and not properly organized. With my experience I can share something with you which might be of help to you.

    If you are looking for any free dll on internet then u might return empty handed. From you above post it seems you want to implement something where the client is you web citrix which will be connecting to the IAS server on Win2003 server or NPS server on Win2008 server. The IAS/NPS will inturn connect to MS SQL server for further authentication or authorization process.

    As per my understanding IAS/NPS understands only the unmanaged windows dll. So I would suggest to use VC++ to create MFC Extension dll which will expose following functions as part of dll:

    1) RadiusExtensionInit 2) RadiusExtensionProcessEx 3) RadiusExtensionFreeAttributes 4) RadiusExtensionTerm

    You can get the signature of these functions from MSDN

    Within the RadiusExtensionProcessEx function you will have to write the code which will connect with your MS SQL and do further processing. Once you are done with the dll, then you will have to create following registry entries:

    Refer: http://msdn.microsoft.com/en-us/library/bb892024%28VS.85%29.aspx

    The extension dlls can be registered and hence by the above mentioned registry entries only you can notify the IAS/NPS about that dll. Once the registry entries are done, restart the IAS/NPS server, now make a hit from the citrix web client to IAS/NPS. IAS/NPS will look for the above registry entry and if any dll is referred then it sarts calling the 2nd function with each call as mentioned above.

    One more thing if your IAS/NPS sever is on 64-bit machine then you will have to build the 64-bit version of the dll.

    Thanks,

    Ashish

    • Marked as answer by factorial Thursday, March 25, 2010 11:38 AM
    Wednesday, March 24, 2010 6:28 AM
  • There is a good article on installing and configuring IAS server:

    http://articles.techrepublic.com.com/5100-10878_11-6148579.html

    Rgds,

    Ashish

    • Proposed as answer by Mohamad_77 Sunday, June 28, 2015 12:27 PM
    • Unproposed as answer by Mohamad_77 Sunday, June 28, 2015 12:28 PM
    Wednesday, March 24, 2010 6:33 AM
  • I have made the dll.

     

    Thanks for help.

    Paul.

    • Proposed as answer by Mohamad_77 Sunday, June 28, 2015 12:28 PM
    • Unproposed as answer by Mohamad_77 Sunday, June 28, 2015 12:28 PM
    Thursday, April 15, 2010 6:06 PM
  • Hi, Paul.

    I'm also searching  for nps extension dll's with the goal to implement MAC-authentication against a database.

    Would you perhaps share your solution?

    Please let me know under gerd.schelbert@computacenter.com.

     

    Regards

     

    Gerd

    Wednesday, April 28, 2010 3:00 PM
  • Hi, Paul.

    I'm also searching  for this extension dll's.

    I'll be very thankfull if you can share your solution? (houaidia_anis@yahoo.fr)

     

     

    Regards


    Wednesday, May 5, 2010 9:32 AM
  • I have sent an email to both of you. If anyone needs the source code of the dll, mail me to factoriales @ gmail . com

    Good luck.

    Wednesday, May 5, 2010 6:35 PM
  • I've several problems during my extension DLL development. First of all, is it OK to load DLL with empty function, so I'm exporting neccessary(RadiusExtensionProcess2) function, but the only string of code with in is: return NO_ERROR; is it ok to export function which does nothing? Coz my DLL can not be loaded by NPS, there are severl error with codes: 0x1c, 0x7e.
    Thursday, December 2, 2010 12:31 PM
  • Hi, Paul.

    I'm also need the source code of   this extension dll's.

    I'll be very thankfull if you can share something about you solution? (xuyang.zhou@hotmail.com)

     

     

    Best Regards

    Tuesday, January 11, 2011 2:42 AM
  • Hi,Paul

           I'm searching for the IAS extension dlls to connet with SQL.

           Would you perhaps share your solution。(zhuzhenliang007@zcom.com.cn or zhuzhenliang007@hotmail.com

           Thank you for your help.

           Best regards

           zhuzhenliang


    best regards
    Friday, August 5, 2011 3:01 AM
  • Hi Paul,

    I'm also searching  for nps extension dll's with the goal to implement authentication against a SQL Server database.

    Please share me the source code and dll under parth.192@gmail.com

    Regards

    Ayaz Shaikh

    Friday, May 4, 2012 5:52 AM
  • Hello Paul,

    i'm searching exactly for this use case.

    Could you please send me the the source code to gojo119@gmail.com?
    Thank you!

    kind regards

    Gottfried

    • Proposed as answer by Roman Krylov Tuesday, October 2, 2012 5:08 PM
    Wednesday, July 4, 2012 11:59 AM
  • Hello

    i'm searching to, for this use case.

    Could you please send me the source code to roman.krilov@windowslive.com ?


    Thank you!


    Roma

    Tuesday, October 2, 2012 5:09 PM
  • hi

    please send me the source code to dependrg@unifycloud.com

    Thank you

    Dependra

    Tuesday, February 26, 2013 9:38 AM
  • Hi Everyone,

    I am new to NPS. I have developed an Authentication Extension DLL which is basically a MFC Extension DLL for custom authentication in NPS.

    Now, to apply this Extension DLL at NPS I have used following steps:- 

    1. I have put that DLL in %System Root%\System32\radius.dll folder.
    2. I have create HKLM\System\CurrentControlSet\Services\AuthSrv\Parameters\ registry key and set path of DLL as described here http://msdn.microsoft.com/en-us/library/windows/desktop/bb892024(v=vs.85).aspx

    Now, when I am restarting NPS server I am getting following error:-

    "Extension Host is failed to load DLL.Path %System Root%\System32\radius.dll".

    Regards

    Deepak

    Monday, March 4, 2013 11:31 AM
  • Hi Paul,

    I  know it is long time since you added this post, but we need this extension dll's, so, would you please share your solution

    My Email address is mohamad_77@hotmail.com

    Thanks in Advance

    Mohammad

    Sunday, June 28, 2015 12:48 PM
  • Hi ,

    I  know it is long time since you added this post, but we face the same problem, so, would you please let

    me know if you manage to solve this problem and  if yes how you solved it? 

    My Email address is mohamad_77@hotmail.com

    Thanks in Advance

    Mohammad

    Sunday, June 28, 2015 12:52 PM
  • When using NPS + dll with eap, does the NPS handle the encryption and pass the clear password to the dll or do you have to implement the eap session in the dll as well?
    Thursday, November 9, 2017 2:46 PM
  • Hi Paul,

    Its been a long time though, while searching internet for similar type of work, fortunately I clicked this blog link. I was not getting any help how to write NPS extension dll. Can you please share the source code with me at

    prosanta.mondal@yahoo.com

    Many thanks...

    Tuesday, July 9, 2019 3:37 PM