User Tools

Site Tools


This is an old revision of the document!

RADIUS аутентификация в Microsoft AD


Установка и настройка

Server Manager -> Roles -> 
  Add Roles -> Network Polices and Access Services -> Network Policy Server
  Network Polices and Access Services -> NPS(local) -> Register server in Active Directory
    Radius Clients and Servers -> new
    Polices -> Network Polices -> new
      Plicy Name: my policy
      Conditions: Windows Group -> Dimain Users
      Configure Authentifications Methods -> Unencrypted Authentificatios (PAP, SPAP)

Управление атрибутами

Server Manager -> Roles ->
  Network Polices and Access Services -> NPS(local) -> 
    Polices -> Network Polices -> my policy -> Propeties -> Settings
      Standart -> Service-Type = NAS-Prompt
      Vendor Specific -> Cisco-AVPair = shell:priv-lvl=15


Add/Remove Programm -> Windows Components -> Networking services/Internet Authenticatin Service (IAS)
  Add peer to IAS (intgate)
    Remote Access Polices -> Connection to other access server -> Properties -> Edit Profile -> Authentication
    Check Unencrypted authentication (PAP, SPAP)
    Permit DialIn for user user
radius_аутентификация_в_microsoft_ad.1381380257.txt.gz · Last modified: 2013/10/10 08:44 by val