User Tools
radius_аутентификация_в_microsoft_ad
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
radius_аутентификация_в_microsoft_ad [2013/11/20 08:15] val [Установка и настройка] |
radius_аутентификация_в_microsoft_ad [2013/12/15 07:27] (current) val |
||
|---|---|---|---|
| Line 12: | Line 12: | ||
| Network Polices and Access Services -> NPS(local) -> Register server in Active Directory | Network Polices and Access Services -> NPS(local) -> Register server in Active Directory | ||
| Radius Clients and Servers -> new | Radius Clients and Servers -> new | ||
| - | Polices -> Network Polices -> new | + | ... |
| - | Plicy Name: my policy | + | |
| - | Conditions: Windows Group -> Domain Users | + | |
| - | Configure Authentifications Methods -> Unencrypted Authentificatios (PAP, SPAP) | + | |
| </code> | </code> | ||
| - | ==== Управление атрибутами ==== | + | ==== Аутентификация Cisco login ==== |
| + | |||
| + | <code> | ||
| + | Server Manager -> Roles -> | ||
| + | Network Polices and Access Services -> NPS(local) -> | ||
| + | Polices -> Network Polices -> policy cisco admin -> Propeties | ||
| + | Constraints -> | ||
| + | Configure Authentifications Methods -> Unencrypted Authentificatios (PAP, SPAP) | ||
| + | Settings -> | ||
| + | Standart -> Service-Type = NAS-Prompt | ||
| + | </code> | ||
| + | |||
| + | ==== Авторизация Cisco exec ==== | ||
| * Configure a Custom VSA ([[http://technet.microsoft.com/en-us/library/cc731611.aspx]]) | * Configure a Custom VSA ([[http://technet.microsoft.com/en-us/library/cc731611.aspx]]) | ||
| Line 26: | Line 35: | ||
| Server Manager -> Roles -> | Server Manager -> Roles -> | ||
| Network Polices and Access Services -> NPS(local) -> | Network Polices and Access Services -> NPS(local) -> | ||
| - | Polices -> Network Polices -> my policy -> Propeties -> Settings | + | Polices -> Network Polices -> policy cisco admin -> Propeties |
| - | Standart -> Service-Type = NAS-Prompt | + | Constraints -> |
| - | Vendor Specific -> Cisco-AVPair = shell:priv-lvl=15 | + | Configure Authentifications Methods -> Unencrypted Authentificatios (PAP, SPAP) |
| + | Settings -> | ||
| + | Standart -> Service-Type = NAS-Prompt | ||
| + | Vendor Specific -> Cisco-AVPair = shell:priv-lvl=15 | ||
| </code> | </code> | ||
| + | |||
| + | ==== Аутентификация 802.1x (PEAP) ==== | ||
| + | |||
| + | * При использовании PEAP в XSupplicant необходимо в поле "Other Identity" указать имя пользователя | ||
| + | |||
| + | <code> | ||
| + | Server Manager -> Roles -> | ||
| + | Add Roles -> Active Directory Certificate Services | ||
| + | ... Web Enrollment ... | ||
| + | |||
| + | Server Manager -> Roles -> | ||
| + | Network Polices and Access Services -> NPS(local) -> | ||
| + | Polices -> Network Polices -> new | ||
| + | Plicy Name: policy 802.1x | ||
| + | Conditions: Windows Group -> Domain Users | ||
| + | Configure Authentifications Methods -> Add -> Microsoft...(PEAP) | ||
| + | </code> | ||
| | | ||
| ===== Win2003 ===== | ===== Win2003 ===== | ||
radius_аутентификация_в_microsoft_ad.1384920913.txt.gz · Last modified: 2013/11/20 08:15 by val
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
