Setting up Active Directory on Windows Server 2012:
A RADIUS server can be configured on Windows Server 2012 using Active Directory and Network Policy Server.
2.1 Installation
- Active Directory and Network Policy Server can be installed by going to the Server Manager and in the Dashboard and clicking Add roles and features.
2.2 Configuration
- Network Policy Server
- Top node "NPS" → Right click → Register server in Active Directory
- RADIUS Clients → Right click → New
- Friendly name : anything
- Address: netLD server IP address
- shared secret
- OK
- Network Policies → Right click → New
- Policy name: anything
- Next
- Conditions → Add → User Groups → Add → Add Groups → Domain Users
- Next
- Permission, leave defaults (Access Granted)
- Next
- Authentication Methods → check: Unencrypted authentication
- Next
- Constraints, leave defaults
- Next
- Settings → RADIUS Attributes → Standard → Add…
- Attribute: Filter-Id → Add…
- Attribute Information → Add..
- String value: 'role:Administrator'
- OK
- OK
- Close
- Next
- Finish
This configuration allows netLD users to authenticate as a domain user and will grant the user the Administrator role. You can create any number of Network Policies; each one can represent a different group of users with different RADIUS attributes applied. For example, if you have two roles, Administrator and Operator, you can create one Network Policy for each and specify the Filter-Id appropriately for each