Article ID: 214555 - View products that this article applies to.
This article was previously published under Q214555
Microsoft Internet Authentication Server (RADIUS) can be used to authenticate remote dial-in users from another domain if the Radius server's domain trusts the user's domain.
To successfully authenticate users from a domain other than the RADIUS server's domain, the user name supplied should be in the form of domain\user and the Radius server's domain should trust the user's domain.
However, when you dial into a Routing and Remote Access server that is using a Radius server for authentication, cross-domain authentication may fail even when you specify the user name in the domain\user format.
To resolve this problem, obtain the latest service pack for Windows NT 4.0 or the individual software update. For information on obtaining the latest service pack, please go to:
Microsoft has confirmed that this is a problem in Microsoft Routing and Remote Access Service Update for Windows NT Server 4.0. This problem was first corrected in Windows NT version 4.0 Service Pack 5.
When installing the hotfix using Service Pack or hotfix.exe or hfx.exe the following registry entries are added automatically. But, if applying the fix manually then the following registry changes need to be done manually: