Re: Radius Server authenticate wih SAM

Tech-Archive recommends: Fix windows errors by optimizing your registry

From: Sam Salhi [MSFT] (samers_at_online.microsoft.com)
Date: 10/25/04 

Date: Sun, 24 Oct 2004 20:37:05 -0700

Registering IAS in Active Directory is an Optional step if you want to do
SAM account authentication

Also, if the IAS server is not joined to a domain, then you don't need to
worry about this step either since it doesn't apply

If the IAS server is Joined to a domain and you still want to do SAM
authentication there are 3 ways (at least) to do this

A) Have your users specify the domain name in the request, this domain name
must be equal to the IAS server name
B) For win2k do realm replacement to prefix the user request with your
computer name:
    1) For win2k use realm replacement of "^" with the IAS server name+"\"
(without the quotes in both cases)
    2) For Win2k3 use Attribute manipulation in the Connection request
processing policy to do the same thing
C) Change the default domain registry key to reflect the server name
    Open Regeidt, navigate to:
    HKLM\SYSTEM\CurrentControlSet\Services\RasMan\PPP\ControlProtocols\BuiltIn
    Create/Modify the key:
        "DefaultDomain"
        Type "Reg_SZ"
        Value= your computer name
[Check IAS help for more details]

Hope this helps 

-- 
      =============================================
  This posting is provided "AS IS" with no warranties, and confers no 
rights.
      =============================================
"deep" <deep@discussions.microsoft.com> wrote in message 
news:18809133-1177-45FC-B561-8D889B10C74E@microsoft.com...
> Hi All
>
> We have to make one RADIUS Server( windows 2003 standard edition ,
> standalone ). there is no ADS configured.
>
> we wish RADIUS Server to work with local SAM
>
> i read in steps that RADIUS server has be regietserd with ADS after
> installing to enabel to auth agains ads users , but what about in case IAS
> service has been installed on win2k standalone server . do we need to do
> anything to let it work with SAM or it will automatically work ?
>
> pls help
>
> thanks
> dee
>
>

Relevant Pages

  • Re: WLAN authentication sometimes fail
    ... But what I did was to disable server authentication in the client settings. ... My IAS server has two certificates installed, one wildcard certificate from a trusted root and one from our internal CA. ... The PEAP settings on the IAS server were set to use the wildcard certificate and my laptop had both installed as trusted root CAs. ... I have set up a wireless network in our office. ...
    (microsoft.public.internet.radius)
  • Re: Authenticate a machine to radius?
    ... Installing a wireless network card in the PC makes it a wireless client, ... not a RADIUS server, RADIUS proxy, or wireless AP/RADIUS client. ... Make sure the shared secrets on the AP and the IAS server match. ...
    (microsoft.public.internet.radius)
  • Re: PEAP Authentication Fails
    ... What is your radius server? ... However, I suspect that this is the issue, because if the IAS server doesn't ... allow fast reconnect, it should fall back to a full authentication. ... to the supplicant to decide wether to use ...
    (microsoft.public.internet.radius)
  • Re: Two "differrent" Radius Server for ISA
    ... You could use the new capability of Windows Server 2003's Internet ... Authentication Service to forward requests for another realm to a different ... IAS server. ...
    (microsoft.public.isa.enterprise)
  • Re: Radius Server authenticate wih SAM
    ... > Also, if the IAS server is not joined to a domain, then you don't need to ... > If the IAS server is Joined to a domain and you still want to do SAM ... >> we wish RADIUS Server to work with local SAM ...
    (microsoft.public.internet.radius)