Re: AD required to use IAS?

From: LiquidNoize (mike.made_at_att.net)
Date: 08/24/04


Date: 24 Aug 2004 09:01:14 -0700

Thanks James. That's good news!

"James McIllece [MS]" <jamesmci@online.microsoft.com> wrote in message news:<Xns9544853912BCFjamesmcionlinemicros@207.46.248.16>...
> mike.made@att.net (LiquidNoize) wrote in
> news:d0d6d39d.0408131118.7619b443@posting.google.com:
>
> > I want to set up wireless users to authenticate via IAS to get access
> > to the network. Does the IAS server have to be in a domain or can I
> > just use local server accounts? Also, would I use peap-ms-chapv2 for
> > this? It will only be for 5 users so I would like to avoid AD right
> > now if possible. Thanks -Mike
> >
>
> No, you don't need AD; you can just configure user accounts on the IAS
> server's security accounts manager (SAM) database.
>
> If you want to use PEAP-MS-CHAP v2 as the authentication method, you will
> need to purchase a server authentication certificate from Verisign (or
> another company) whose root CA certificate is already in the Trusted Root
> Certification Authorities store on client computers. (In other words, the
> IAS server must have a certificate that is issued by a CA that clients
> already trust -- otherwise you would have to deploy Certificate Services
> and then enroll certs to clients, which you don't want to do in your
> circumstance.)
>
> If you look at the IAS Help, you will see checklists that step you through
> how to set up secure wireless remote access policy with PEAP. Also see the
> Verisign whitepaper, "Obtaining and Installing a VeriSign WLAN Server
> Certificate for PEAP-MS-CHAP v2 Wireless Authentication" at
> http://www.microsoft.com/downloads/details.aspx?FamilyID=1971d43c-d2d9-408d-bd97-139afc60996b&DisplayLang=en
>
> Another good one: "Enterprise Deployment of Secure 802.11 Networks Using
> Microsoft Windows" at
> http://www.microsoft.com/windowsserver2003/technologies/ias/default.mspx,
> although this whitepaper assumes you are using AD.
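
The reply's certificate requirement (the IAS server certificate must chain to a root the wireless clients already trust) can be checked on a client before rollout. The script below is an added example, not part of the original thread. It assumes the server certificate's public part has been exported to a file (the path is a placeholder), that Windows PowerShell 3.0 or later is available, and it skips revocation checking so it runs offline.

```powershell
# Added example: run on a wireless client against the exported IAS server certificate.
param(
    [string]$CertPath = 'C:\temp\ias-server.cer'   # placeholder path (assumption)
)

$ns            = 'System.Security.Cryptography.X509Certificates'
$serverAuthOid = '1.3.6.1.5.5.7.3.1'               # Server Authentication EKU

$cert = New-Object "$ns.X509Certificate2" $CertPath

# 1. The certificate should list the Server Authentication purpose in its EKU.
$eku = $cert.Extensions | Where-Object { $_ -is [System.Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension] }
$hasServerAuth = $false
if ($eku) {
    $hasServerAuth = @($eku.EnhancedKeyUsages | Where-Object { $_.Value -eq $serverAuthOid }).Count -gt 0
}

# 2. It must be inside its validity period.
$now     = Get-Date
$inDates = ($now -ge $cert.NotBefore) -and ($now -le $cert.NotAfter)

# 3. The chain must build to a root this client already trusts.
$chain = New-Object "$ns.X509Chain"
$chain.ChainPolicy.RevocationMode = [System.Security.Cryptography.X509Certificates.X509RevocationMode]::NoCheck
$chainOk = $chain.Build($cert)

# The last chain element is the root (or the highest certificate that could be found).
$rootSubject = $null
$rootInStore = $false
if ($chain.ChainElements.Count -gt 0) {
    $root        = $chain.ChainElements[$chain.ChainElements.Count - 1].Certificate
    $rootSubject = $root.Subject
    $rootInStore = (Test-Path "Cert:\LocalMachine\Root\$($root.Thumbprint)") -or
                   (Test-Path "Cert:\CurrentUser\Root\$($root.Thumbprint)")
}

[pscustomobject]@{
    Subject         = $cert.Subject
    Issuer          = $cert.Issuer
    NotAfter        = $cert.NotAfter
    HasServerAuth   = $hasServerAuth
    WithinValidity  = $inDates
    ChainBuilds     = $chainOk
    ChainErrors     = (@($chain.ChainStatus | ForEach-Object { $_.Status }) -join ', ')
    TopOfChain      = $rootSubject
    RootTrustedHere = $rootInStore
}
```

If `ChainBuilds` or `RootTrustedHere` is false, this client does not already trust the issuing CA, which is the situation the reply says to avoid when Certificate Services is not being deployed.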


