NPS - help me to understand AD registration pls

Hi,

We have four NPS servers that are not registered in AD. We use NPS servers for WiFi authentication; we have only one network policy for granting access to the network, the authentication option is PEAP.

My question is: will be the peap-authorization broken if I'll register all of the NPS servers in AD? Should the NPS server start verifying user credentials by default?


  • Edited by EugenBerend Monday, June 22, 2015 9:55 AM typo
June 22nd, 2015 9:13am
Hi,

According to your description, my understanding is that if the NPS(PEAP) still work after joining stand along NPS server to AD domain.

In general, certificate should be considered if switch NPS(certificate based) between work group and domain. And based on my experience, it should works if registry NPS to an domain:
Register an NPS Server in Another Domain
https://technet.microsoft.com/en-us/library/cc753571(v=ws.10).aspx

Best Regards,
Eve Wang
Free Windows Admin Tool Kit Click here and download it now
June 23rd, 2015 5:11am

Hi,

My NPS roles are installed on domain controllers.

Thanks!

After registering, should I enable "ignore user account dial-in properties" option?

June 23rd, 2015 7:13am

Hi,

Its depends on your requirement, you may reference link below for detailed information about Configure NPS to Ignore User Account Dial-in Properties, it has described the circumstances where you might want to configure NPS to ignore the dial-in properties of user accounts:
https://technet.microsoft.com/en-us/library/cc732252(v=ws.10).aspx

Best Regards,
Eve Wang

Free Windows Admin Tool Kit Click here and download it now
June 23rd, 2015 10:11pm

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics