[Serusers] DB Authentication Issues (Continued)

After much head scratching and experimentation I found a light at the end of the tunnel. The problem is I'm stuck in the tunnel and don't seem to be getting anywhere near the light. I've got SER running on a RH7.3 box (IP 10.3.5.1) with pretty much default config (see ser.cfg below). There are two clients running MSN Messenger 4.6. One client is running WinXP (IP 10.3.5.2) and the other is running Win2k (IP 10.3.5.3). The builds of Messenger are 4.6.0073 (for XP) and 4.6.0083 (for 2k). Both MSN clients are pointed at 10.3.5.1 for their "Communication Service." When logging in, the XP client gets a password prompt as it should and can login using the proper password. However, when logging in from the Win2k client, as soon as I click to sign in, an error message appears saying "Signing in to Communications Service failed because the service is temporarily unavailable. Please try again later." Here's the ngrep output: ------------------------- ]root(a)10.3.5.1]# ngrep -qd eth0 src 10.3.5.1 or src 10.3.5.3 or dst 10.3.5.1 or dst 10.3.5.3 U 10.3.5.3:1133 -> 10.3.5.1:5060 REGISTER sip:team3 SIP/2.0..Via: SIP/2.0/UDP 10.3.5.3:10829..Max-Forwards: 70..From: <sip:admin@team3>;tag=ff832bee93744680bca56666ad7c9e0a;epid=0d50f b3ca3..To: <sip:admin@team3>..Call-ID: e85f11868c82477da20e852a4cb223d9@10. 3.5.3..CSeq: 1 REGISTER..Contact: <sip:10.3.5.3:10829>;methods="INVITE, MES SAGE, INFO, SUBSCRIBE, OPTIONS, BYE, CANCEL, NOTIFY, ACK, REFER"..User-Agen t: RTC/1.2.4949..Event: registration..Allow-Events: presence..Content-Lengt h: 0.... U 10.3.5.1:5060 -> 10.3.5.3:10829 SIP/2.0 401 Unauthorized..Via: SIP/2.0/UDP 10.3.5.3:10829..From: <sip:admin @team3>;tag=ff832bee93744680bca56666ad7c9e0a;epid=0d50fb3ca3..To: <sip:admi n@team3>;tag=b27e1a1d33761e85846fc98f5f3a7e58.6d83..Call-ID: e85f11868c8247 7da20e852a4cb223d9@10.3.5.3..CSeq: 1 REGISTER..WWW-Authenticate: Digest rea lm="team3", nonce="407d8acfa56dbcb713c69e56e85c6a8280e2d02d"..Server: Sip E Xpress router (0.8.12 (i386/linux))..Content-Length: 0..Warning: 392 10.3.5 .1:5060 "Noisy feedback tells: pid=15189 req_src_ip=10.3.5.3 req_src_port= 1133 in_uri=sip:team3 out_uri=sip:team3 via_cnt==1".... ------------------------- My interpretation is that SER is just saying "Access denied," but I never got a chance to input a password. The real mystery is that it works properly from my WinXP client. I've matched all the settings that I can find. I even tried changing the IP address of the Win2k client to that of the WinXP client and trying to login with the same username that worked on the XP client. Still I get the same service temp. unavailable message. I've also tried uninstalling/reinstalling Messenger 4.6 on the Win2k clients, but that didn't change anything either. Am I doing something obviously wrong? I would *really* appreciate any guidance or ideas. I'm pretty much at wits end. Best Regards -Chris Here's my ser.cfg for good measure... ------------------------- # # $Id: ser.cfg,v 1.21.4.1 2003/11/10 15:35:15 andrei Exp $ # # simple quick-start config script # # ----------- global configuration parameters ------------------------ #debug=3 # debug level (cmd line: -dddddddddd) #fork=yes #log_stderror=no # (cmd line: -E) /* Uncomment these lines to enter debugging mode debug=7 fork=no log_stderror=yes */ check_via=no # (cmd. line: -v) dns=no # (cmd. line: -r) rev_dns=no # (cmd. line: -R) #port=5060 #children=4 fifo="/tmp/ser_fifo" alias="team3" # ------------------ module loading ---------------------------------- # Uncomment this if you want to use SQL database loadmodule "/usr/lib/ser/modules/mysql.so" loadmodule "/usr/lib/ser/modules/sl.so" loadmodule "/usr/lib/ser/modules/tm.so" loadmodule "/usr/lib/ser/modules/rr.so" loadmodule "/usr/lib/ser/modules/maxfwd.so" loadmodule "/usr/lib/ser/modules/usrloc.so" loadmodule "/usr/lib/ser/modules/registrar.so" # Uncomment this if you want digest authentication # mysql.so must be loaded ! loadmodule "/usr/lib/ser/modules/auth.so" loadmodule "/usr/lib/ser/modules/auth_db.so" # ----------------- setting module-specific parameters --------------- # -- usrloc params -- #modparam("usrloc", "db_mode", 0) # Uncomment this if you want to use SQL database # for persistent storage and comment the previous line modparam("usrloc", "db_mode", 2) # -- auth params -- # Uncomment if you are using auth module # modparam("auth_db", "calculate_ha1", yes) # # If you set "calculate_ha1" parameter to yes (which true in this config), # uncomment also the following parameter) # modparam("auth_db", "password_column", "password") # -- rr params -- # add value to ;lr param to make some broken UAs happy modparam("rr", "enable_full_lr", 1) # ------------------------- request routing logic ------------------- # main routing logic route{ # initial sanity checks -- messages with # max_forwards==0, or excessively long requests if (!mf_process_maxfwd_header("10")) { sl_send_reply("483","Too Many Hops"); break; }; if ( msg:len > max_len ) { sl_send_reply("513", "Message too big"); break; }; # we record-route all messages -- to make sure that # subsequent messages will go through our proxy; that's # particularly good if upstream and downstream entities # use different transport protocol record_route(); # loose-route processing if (loose_route()) { t_relay(); break; }; # if the request is for other domain use UsrLoc # (in case, it does not work, use the following command # with proper names and addresses in it) if (uri == myself) { if (method=="REGISTER") { # Uncomment this if you want to use digest authentication if (!www_authorize("team3", "subscriber")) { www_challenge("team3", "0"); break; }; save("location"); break; }; # native SIP destinations are handled using our USRLOC DB if (!lookup("location")) { sl_send_reply("404", "Not Found"); break; }; }; # forward to current uri now; use stateful forwarding; that # works reliably even if we forward from TCP to UDP if (!t_relay()) { sl_reply_error(); }; }