8.2 Setting up Active Directory on Windows Server 2012
A RADIUS server can be configured on Windows Server 2012 using Active Directory and Network Policy Server.
8.2.1 Installation
Active Directory and Network Policy Server can be installed by going to the Server
Manager and in the Dashboard and clicking Add roles and features.
8.2.2 Configuration
1. Network Policy Server
(a) Top node ”NPS” → Right click → Register server in Active Directory
(b) RADIUS Clients → Right click → New
i. Friendly name : anything
ii. Address: netLD server IP address
iii. shared secret
iv. OK
(c) Network Policies → Right click → New
i. Policy name: anything ii. Next
iii. Conditions → Add → User Groups → Add → Add Groups → Domain Users
iv. Next
v. Permission, leave defaults (Access Granted)
vi. Next
vii. Authentication Methods → check: Unencrypted authentication
viii. Next
ix. Constraints, leave defaults
x. Next
xi. Settings → RADIUS Attributes → Standard → Add. . .
A. Attribute: Filter-Id → Add. . .
B. Attribute Information → Add..
C. String value: ’role:Administrator’ D. OK
xii. OK
(d) Close
2. Next
3. Finish
This configuration allows netLD users to authenticate as a domain user and will grant the user the Administrator role. You can create any number of Net- work Policies; each one can represent a different group of users with different RADIUS attributes applied. For example, if you have two roles, Administrator and Operator, you can create one Network Policy for each and specify the Filter-Id appropriately for each.