User Tools

Site Tools


radius_аутентификация_в_microsoft_ad

RADIUS аутентификация в Microsoft AD

Win2008

Установка и настройка

Server Manager -> Roles -> 
  Add Roles -> Network Polices and Access Services -> Network Policy Server
  Network Polices and Access Services -> NPS(local) -> Register server in Active Directory
    Radius Clients and Servers -> new
    ...

Аутентификация Cisco login

Server Manager -> Roles ->
  Network Polices and Access Services -> NPS(local) -> 
    Polices -> Network Polices -> policy cisco admin -> Propeties
      Constraints ->
        Configure Authentifications Methods -> Unencrypted Authentificatios (PAP, SPAP)
      Settings ->
        Standart -> Service-Type = NAS-Prompt

Авторизация Cisco exec

Server Manager -> Roles ->
  Network Polices and Access Services -> NPS(local) -> 
    Polices -> Network Polices -> policy cisco admin -> Propeties
      Constraints ->
        Configure Authentifications Methods -> Unencrypted Authentificatios (PAP, SPAP)
      Settings ->
        Standart -> Service-Type = NAS-Prompt
        Vendor Specific -> Cisco-AVPair = shell:priv-lvl=15

Аутентификация 802.1x (PEAP)

  • При использовании PEAP в XSupplicant необходимо в поле “Other Identity” указать имя пользователя
Server Manager -> Roles -> 
  Add Roles -> Active Directory Certificate Services
   ... Web Enrollment ...

Server Manager -> Roles ->
  Network Polices and Access Services -> NPS(local) -> 
    Polices -> Network Polices -> new
      Plicy Name: policy 802.1x
      Conditions: Windows Group -> Domain Users
      Configure Authentifications Methods -> Add -> Microsoft...(PEAP)

Win2003

Add/Remove Programm -> Windows Components -> Networking services/Internet Authenticatin Service (IAS)
  Add peer to IAS (intgate)
    Remote Access Polices -> Connection to other access server -> Properties -> Edit Profile -> Authentication
    Check Unencrypted authentication (PAP, SPAP)
    Permit DialIn for user user
radius_аутентификация_в_microsoft_ad.txt · Last modified: 2013/12/15 07:27 by val