8.2     Setting up Active Directory on Windows Server 2012


A RADIUS server can be configured on Windows  Server 2012 using Active Directory and Network Policy Server.


8.2.1   Installation


Active Directory and Network Policy Server can be installed by going to the Server

Manager and in the Dashboard and clicking Add roles and features.



8.2.2   Configuration


1. Network Policy Server

  (a) Top node ”NPS” → Right click → Register server in Active Directory

  (b) RADIUS Clients → Right click → New

    i. Friendly name  : anything

    ii. Address: netLD server IP address

    iii. shared secret

    iv. OK

  (c) Network Policies → Right click → New

    i. Policy name: anything ii. Next

    iii. Conditions → Add → User Groups → Add → Add Groups → Domain Users

    iv. Next

    v. Permission, leave defaults (Access Granted)

    vi. Next

    vii. Authentication Methods → check: Unencrypted  authentication

    viii. Next

    ix. Constraints, leave defaults

    x. Next

    xi. Settings → RADIUS Attributes → Standard → Add. . .

      A. Attribute: Filter-Id → Add. . .

      B. Attribute Information → Add..

      C. String value: ’role:Administrator’ D. OK

    xii. OK

  (d) Close

2. Next

3. Finish


This configuration allows netLD users to authenticate  as a domain user and will grant the user the Administrator  role. You can create any number of Net- work Policies;  each one can represent a different group of users with different RADIUS attributes applied.  For example, if you have two roles, Administrator and Operator, you can create one Network Policy for each and specify the Filter-Id appropriately for each.