User Tools

Site Tools


radius_аутентификация_в_microsoft_ad

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
radius_аутентификация_в_microsoft_ad [2013/10/10 08:46]
val [Установка и настройка]
radius_аутентификация_в_microsoft_ad [2013/12/15 07:27]
val
Line 12: Line 12:
   Network Polices and Access Services -> NPS(local) -> Register server in Active Directory   Network Polices and Access Services -> NPS(local) -> Register server in Active Directory
     Radius Clients and Servers -> new     Radius Clients and Servers -> new
-    ​Polices -> Network Polices -> new +    ​...
-      Plicy Name: my policy +
-      Conditions: Windows Group -> Dimain Users +
-      Configure Authentifications Methods -> Unencrypted Authentificatios (PAP, SPAP)+
 </​code>​ </​code>​
  
-==== Управление атрибутами ====+==== Аутентификация Cisco login ==== 
 + 
 +<​code>​ 
 +Server Manager -> Roles -> 
 +  Network Polices and Access Services -> NPS(local) ->  
 +    Polices -> Network Polices -> policy cisco admin -> Propeties 
 +      Constraints -> 
 +        Configure Authentifications Methods -> Unencrypted Authentificatios (PAP, SPAP) 
 +      Settings -> 
 +        Standart -> Service-Type = NAS-Prompt 
 +</​code>​ 
 + 
 +==== Авторизация Cisco exec ====
  
   * Configure a Custom VSA ([[http://​technet.microsoft.com/​en-us/​library/​cc731611.aspx]])   * Configure a Custom VSA ([[http://​technet.microsoft.com/​en-us/​library/​cc731611.aspx]])
Line 26: Line 35:
 Server Manager -> Roles -> Server Manager -> Roles ->
   Network Polices and Access Services -> NPS(local) ->    Network Polices and Access Services -> NPS(local) -> 
-    Polices -> Network Polices -> my policy -> Propeties -> Settings +    Polices -> Network Polices -> policy ​cisco admin -> Propeties 
-      Standart -> Service-Type = NAS-Prompt +      Constraints ​-> 
-      Vendor Specific -> Cisco-AVPair = shell:​priv-lvl=15+        Configure Authentifications Methods -> Unencrypted Authentificatios (PAP, SPAP) 
 +      ​Settings -> 
 +        ​Standart -> Service-Type = NAS-Prompt 
 +        Vendor Specific -> Cisco-AVPair = shell:​priv-lvl=15
 </​code> ​   ​ </​code> ​   ​
 +
 +==== Аутентификация 802.1x (PEAP) ====
 +
 +  * При использовании PEAP в XSupplicant необходимо в поле "Other Identity"​ указать имя пользователя
 +
 +<​code>​
 +Server Manager -> Roles -> 
 +  Add Roles -> Active Directory Certificate Services
 +   ... Web Enrollment ...
 +
 +Server Manager -> Roles ->
 +  Network Polices and Access Services -> NPS(local) -> 
 +    Polices -> Network Polices -> new
 +      Plicy Name: policy 802.1x
 +      Conditions: Windows Group -> Domain Users
 +      Configure Authentifications Methods -> Add -> Microsoft...(PEAP)
 +</​code>​
       ​       ​
 ===== Win2003 ===== ===== Win2003 =====
radius_аутентификация_в_microsoft_ad.txt · Last modified: 2013/12/15 07:27 by val