Microsoft KB Archive/925630

= Rules may not work correctly for connection request policies when you use IAS on a Windows Server 2003-based server =

Article ID: 925630

Article Last Modified on 10/12/2006

-

APPLIES TO


 * Microsoft Windows Server 2003, Standard Edition (32-bit x86)
 * Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
 * Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)

-



SYMPTOMS
Consider the following scenario. You use Internet Authentication Service (IAS) on a Microsoft Windows Server 2003-based server. You have a connection request policy that is configured to use a rule for an attribute. This rule contains a Find value and a Replace With value.

In this scenario, the following behavior may occur:
 * The value that is supposed to be specified in the Find box is incorrectly specified in the Replace With box.
 * The value that is supposed to be specified in the Replace With box is incorrectly specified in the Find box.

When this behavior occurs, the connection request policy uses the incorrect values that are specified in the rule. Additionally, all rules that are supposed to be processed after this rule are not processed in this connection request policy.



CAUSE
This problem occurs because the database layer incorrectly processes the data from the connection request policy. When the data is written to the hard disk, the database layer optimizes this data for seek, read, and write operations that are performed on the hard disk. When the data for the rules is read from the hard disk, the database layer returns the data in the incorrect order for the connection request policy.



WORKAROUND
To work around this problem, use one or both of the following methods.

Method 1
Use regular expressions instead of values in the Find and the Replace With boxes.

For example, if you want to replace  with , follow these steps:
 * 1) Click Start, click Run, type ias.msc, and then click OK.
 * 2) In the IAS Microsoft Management Console (MMC) snap-in, expand Connection Request Processing, and then click Connection Request Policies.
 * 3) Right-click the connection request policy that you want to configure, and then click Properties.
 * 4) In the Properties dialog box, click Edit Profile.
 * 5) On the Attributes tab, click the attribute that you want to edit in the Attribute list.
 * 6) To add a new rule, click Add. To edit an existing rule, click Edit.
 * 7) In the Find box, type ^(.*)@(.*)\..*$.
 * 8) In the Replace with box, type ($2)\($1).
 * 9) Click OK three times.

Method 2
Create separate connection request policies for each rule.

Note If you use this method, you can use regular expressions or values in the Find and the Replace With boxes.



STATUS
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the &quot;Applies to&quot; section.



MORE INFORMATION
For more information about regular expressions, visit the following Microsoft Web site:

http://msdn2.microsoft.com/en-us/library/2k3te2cs.aspx

Keywords: kbnetwork kbtshoot kbprb KB925630

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.