User Tools

Site Tools


radius_аутентификация_в_microsoft_ad

This is an old revision of the document!


RADIUS аутентификация в Microsoft AD

Добавление RADIUS интерфейса к AD

Win2008

Установка и настройка

http://www.fatofthelan.com/technical/using-windows-2008-for-radius-authentication/

Server Manager -> Roles -> 
  Add Roles -> Network Polices and Access Services -> Network Policy Server
  Network Polices and Access Services -> NPS(local) -> 
    Register server in Active Directory
    Radius Clients and Servers -> new
    Polices -> Network Polices -> new
      Plicy Name: my policy
      Conditions: Windows Group -> Dimain Users
      Configure Authentifications Methods -> Unencrypted Authentificatios (PAP, SPAP)

Управление атрибутами

http://technet.microsoft.com/en-us/library/cc731611(v=ws.10).aspx

Server Manager -> Roles ->
  Network Polices and Access Services -> NPS(local) -> 
    Polices -> Network Polices -> my policy -> Propeties -> Settings
      Standart -> Service-Type = NAS-Prompt
      Vendor Specific -> Cisco-AVPair = "shell:priv-lvl=15"

Win2003

Add/Remove Programm -> Windows Components -> Networking services/Internet Authenticatin Service (IAS)
  Add peer to IAS (intgate)
    Remote Access Polices -> Connection to other access server -> Properties -> Edit Profile -> Authentication
    Check Unencrypted authentication (PAP, SPAP)
    Permit DialIn for user user
radius_аутентификация_в_microsoft_ad.1381323601.txt.gz · Last modified: 2013/10/09 17:00 by val