|
Home > Archive > Radius Server > February 2005 > Radius Server W2k 2003 without AD ??
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Radius Server W2k 2003 without AD ??
|
|
| Emut Yusuf 2005-02-20, 6:18 pm |
| Hi All,
Is it possible use Radius server in Windows server 2003 without AD,
Thanks...
Yusuf
| |
| Manjunath Bharadwaj [MSFT] 2005-02-20, 6:18 pm |
| Yusuf,
It is possible to do that. In that case IAS wil only autenticate users on
the same machine (SAM database). To do that simply dont register IAS in AD.
IAS can also function as a RADIUS proxy and forward authentication
requests to another IAS server. This does not need any AD either.
Thanks, Manju
--
-----------------------------------
This posting is provided "AS IS" with no warranties, and confers no rights
"Emut Yusuf" <emut.yusuf@ntt.co.id> wrote in message
news:ehwxCGdFFHA.3888@TK2MSFTNGP12.phx.gbl...
> Hi All,
>
> Is it possible use Radius server in Windows server 2003 without AD,
> Thanks...
>
> Yusuf
>
>
>
>
| |
| Emut Yusuf 2005-02-20, 6:18 pm |
| Manju, Thanks for your reply, but i have case like this :
I want configure Radius for 802.1x wireless client with D-link 900AP as
Access Point, my w2k 2003 Server as Radius. Idon't install AD in w2k, is it
possible??
Thanks Again..
yusuf
"Manjunath Bharadwaj [MSFT]" <mbhara@online.microsoft.com> wrote in message
news:eY8AV3dFFHA.624@TK2MSFTNGP15.phx.gbl...
> Yusuf,
>
> It is possible to do that. In that case IAS wil only autenticate users
on
> the same machine (SAM database). To do that simply dont register IAS in
AD.
> IAS can also function as a RADIUS proxy and forward authentication
> requests to another IAS server. This does not need any AD either.
>
> Thanks, Manju
>
> --
> -----------------------------------
> This posting is provided "AS IS" with no warranties, and confers no rights
> "Emut Yusuf" <emut.yusuf@ntt.co.id> wrote in message
> news:ehwxCGdFFHA.3888@TK2MSFTNGP12.phx.gbl...
>
>
| |
| Manjunath Bharadwaj [MSFT] 2005-02-20, 6:18 pm |
| Yusuf,
I think your post is a little confusing: is it w2k or 2003?
For wireless auth, are you using PEAP or EAP-TLS? In that case you will
need AD.
If you are using EAP-MD5-CHAP, you dont need an AD. You can authenticate
the local users on the IAS server machine without an AD.
Thanks, Manju
-----------------------------------
This posting is provided "AS IS" with no warranties, and confers no rights
"Emut Yusuf" <emut.yusuf@ntt.co.id> wrote in message
news:uq95$ShFFHA.1296@TK2MSFTNGP10.phx.gbl...
> Manju, Thanks for your reply, but i have case like this :
> I want configure Radius for 802.1x wireless client with D-link 900AP as
> Access Point, my w2k 2003 Server as Radius. Idon't install AD in w2k, is
> it
> possible??
> Thanks Again..
>
> yusuf
>
> "Manjunath Bharadwaj [MSFT]" <mbhara@online.microsoft.com> wrote in
> message
> news:eY8AV3dFFHA.624@TK2MSFTNGP15.phx.gbl...
> on
> AD.
>
>
| |
| James McIllece [MS] 2005-02-20, 6:18 pm |
| Yes, as Manjunath said, you can do this by creating user accounts in the
SAM user accounts database on the Windows Server 2003 IAS server.
You can also use IAS with other LDAP compliant third party user account
databases, and you can use IAS to proxy access requests to other RADIUS
servers if needed.
So in your scenario just do the following:
1. Create user accounts on the Windows Server 2003 computer
2. Install IAS on the Windows Server 2003 computer.
3. Configure the D-link 900AP as a RADIUS client in IAS, and configure the
AP to use the RADIUS protocol, to use the IAS server as the authenticating
server, and enter the same shared secret on the AP and on the IAS server
4. Configure a remote access policy in IAS that allows wireless connections
for users in the local SAM database. Also configure an authentication
method on the IAS server that is supported on the client computer. (For
more info see "Authentication Methods" in IAS Help.)
5. Use the wireless client to connect to the AP with a user account name
and password that you created on the IAS server.
"Emut Yusuf" <emut.yusuf@ntt.co.id> wrote in
news:uq95$ShFFHA.1296@TK2MSFTNGP10.phx.gbl:
> Manju, Thanks for your reply, but i have case like this :
> I want configure Radius for 802.1x wireless client with D-link 900AP
> as Access Point, my w2k 2003 Server as Radius. Idon't install AD in
> w2k, is it possible??
> Thanks Again..
>
> yusuf
>
> "Manjunath Bharadwaj [MSFT]" <mbhara@online.microsoft.com> wrote in
> message news:eY8AV3dFFHA.624@TK2MSFTNGP15.phx.gbl...
> on
> AD.
>
>
>
--
James McIllece, Microsoft
Please do not send email directly to this alias. This is my online account
name for newsgroup participation only.
This posting is provided "AS IS" with no warranties, and confers no rights.
| |
| Emut Yusuf 2005-02-20, 6:18 pm |
| Thanks your reply...i'm using windows 2003 server
Thank You Very Much, now i'm ready to install ...
yusuf
"James McIllece [MS]" <jamesmci@online.microsoft.com> wrote in message
news:Xns9601A5290E493jamesmcionlinemicro
s@207.46.248.16...
> Yes, as Manjunath said, you can do this by creating user accounts in the
> SAM user accounts database on the Windows Server 2003 IAS server.
>
> You can also use IAS with other LDAP compliant third party user account
> databases, and you can use IAS to proxy access requests to other RADIUS
> servers if needed.
>
> So in your scenario just do the following:
>
> 1. Create user accounts on the Windows Server 2003 computer
> 2. Install IAS on the Windows Server 2003 computer.
> 3. Configure the D-link 900AP as a RADIUS client in IAS, and configure the
> AP to use the RADIUS protocol, to use the IAS server as the authenticating
> server, and enter the same shared secret on the AP and on the IAS server
> 4. Configure a remote access policy in IAS that allows wireless
connections
> for users in the local SAM database. Also configure an authentication
> method on the IAS server that is supported on the client computer. (For
> more info see "Authentication Methods" in IAS Help.)
> 5. Use the wireless client to connect to the AP with a user account name
> and password that you created on the IAS server.
>
>
> "Emut Yusuf" <emut.yusuf@ntt.co.id> wrote in
> news:uq95$ShFFHA.1296@TK2MSFTNGP10.phx.gbl:
>
>
>
>
> --
> James McIllece, Microsoft
>
> Please do not send email directly to this alias. This is my online
account
> name for newsgroup participation only.
>
> This posting is provided "AS IS" with no warranties, and confers no
rights.
|
|
|
|
|