NPS Knowledge Transfer document:

(1)

1

NPS KT document………by…..Enayat Meer…[email protected]…..

NPS Knowledge Transfer document:

Note this document is a complete document that includes

basic/advance & expert level steps. Enayat Meer

Install NPS role on primary server

Add features

(2)

2

(3)

3

(4)

4

NPS KT document………by…..Enayat Meer…[email protected]….. Register NPS in Active directory

(5)

5

(6)

6

A certificate was installed on NPS server at this point. This is a sample certificate from my own test environment using meer.com domain. I installed AD root CA (sample screen test environment). We already have available certificate in production NPS servers (installed already)

Adding radius client

(7)

7

(8)

8

Let’s go and create a shared key template for wireless and wired devices first at this point

(9)

9

(10)

10

NPS KT document………by…..Enayat Meer…[email protected]….. Now I am going back to edit radius client for shared secret using template

(11)

11

(12)

12

(13)

13

NPS KT document………by…..Enayat Meer…[email protected]….. Adding vendor from advance tab

(14)

14

(15)

15

NPS KT document………by…..Enayat Meer…[email protected]….. Creating Network Policy

(16)

16

(17)

17

(18)

18

(19)

19

I am adding domain users for demo purposes now but, this group should be customized global security group as mentioned later in this document

(20)

20

(21)

21

NPS KT document………by…..Enayat Meer…[email protected]….. Grant access or deny access as needed

Use configuratin as shown below for authentaction mehtods

(22)

22

(23)

23

NPS KT document………by…..Enayat Meer…[email protected]….. Edit service type to login

(24)

24

(25)

25

NPS KT document………by…..Enayat Meer…[email protected]….. Add vendor and previllage

(26)

26

(27)

27

NPS KT document………by…..Enayat Meer…[email protected]….. Click on Finish

(28)

28

(29)

29

NPS KT document………by…..Enayat Meer…[email protected]….. Configure log file path

(30)

30

(31)

31

NPS KT document………by…..Enayat Meer…[email protected]….. Install NPS on secondary server now and register in Active Directory

(32)

32

(33)

33

On the source NPS server such as 39Radius, open Command Prompt, type netsh, and then press Enter. At the netsh prompt, type nps, and then press Enter (sample command is shown in these both screens)

(34)

34

NPS KT document………by…..Enayat Meer…[email protected]….. OR filename could be

Config.xml

as hown below

(35)

35

This stores configuration settings (including registry settings) in an XML file. The path can be relative or absolute, or it can be a Universal Naming Convention (UNC) path. After you press Enter, a message appears indicating whether the export to file was successful.

Copy the file you created to the destination NPS server. At a command prompt on the destination NPS server, type

netsh nps import filename="C:\config.xml"

and then press Enter. A message appears indicating whether the import from the XML file was successful. Make sure exported file is copied at target location.

Active Directory & Group Policy configuration:

Sample global security group with one member that can be a condition as I configured domain

users group earlier

(36)

36

Create a test user and add test user as member of NPSUsers group and follow as pointed in screens below.

(37)

37

NPS KT document………by…..Enayat Meer…[email protected]….. These are group policy screens pointing action with arrows

(38)

38

(39)

39

(40)

40

(41)

41

(42)

42

(43)

43

(44)

44

(45)

45

NPS KT document………by…..Enayat Meer…[email protected]….. Remote Radisu Server Groups for load balance

(46)

46

(47)

47

NPS KT document………by…..Enayat Meer…[email protected]….. Thank You: Enayat Meer