|
Home > Archive > Radius Server > October 2004 > VPN / RADIUS to confirm
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
VPN / RADIUS to confirm
|
|
|
| I have a small network which I maintain...I've set up the following -
- 1 Windows 2003 Domain Controller (1 DC)
- 1 Server as a File Server / VPN Server (Windows 2003 RRAS)
The VPN and everything works fine - it authenticates to AD (the DC).
From the things I've read, you need a RADIUS (IAS) server in order for the
VPN Server to authenticate VPN users against the Domain Controller for the
domain.
Now, I never installed RADIUS in this simple environment, but my File Server
/ VPN server still authenticate domain users against the Domain Controller.
Why is my solution working and authenticating domain users when I do not
have a RADIUS per documentations and reading materials I've read.
Can someone please elaborate on this more...thank you.
| |
| James McIllece [MS] 2004-10-07, 5:49 pm |
| "LR" <lr@mail.com> wrote in news:OlwKvR2qEHA.3848@TK2MSFTNGP14.phx.gbl:
> I have a small network which I maintain...I've set up the following -
>
> - 1 Windows 2003 Domain Controller (1 DC)
> - 1 Server as a File Server / VPN Server (Windows 2003 RRAS)
>
> The VPN and everything works fine - it authenticates to AD (the DC).
>
> From the things I've read, you need a RADIUS (IAS) server in order for
> the VPN Server to authenticate VPN users against the Domain Controller
> for the domain.
>
> Now, I never installed RADIUS in this simple environment, but my File
> Server / VPN server still authenticate domain users against the Domain
> Controller.
>
> Why is my solution working and authenticating domain users when I do
> not have a RADIUS per documentations and reading materials I've read.
>
> Can someone please elaborate on this more...thank you.
>
>
>
>
Actually in your situation you do not need IAS. WS03 RRAS allows you to
create remote access policy, choose an authentication method, etc, and it
will authenticate and authorize connection requests against the AD user
accounts database (or against the security accounts manager/SAM database on
the local machine).
If you look at the How To Help topics for remote access policies, you will
note that many of them tell you how to perform the procedure on an RRAS
server OR in IAS.
--
James McIllece, Microsoft
Please do not send email directly to this alias. This is my online account
name for newsgroup participation only.
This posting is provided "AS IS" with no warranties, and confers no rights.
|
|
|
|
|