در مورد نصب nttac pluss ویندوز 2008
دوستان عزیز کسی تا به حال بدون مشکل این کارو انجام داده؟ همچین چیزی ممکن هست؟
ایا این روش جواب داده؟
[FONT=Palatino Linotype][SIZE=5][SIZE=5][SIZE=5]
[/SIZE][/SIZE] [/SIZE][/FONT][B][FONT=Palatino Linotype][SIZE=5]Configuring Server 2008 for RADIUS Authentication[/SIZE][/FONT][/B]
I like connecting to my network using my pfSense firewall's built-in *** server. Following these steps, I can configure Windows Server 2008 to provide the authentication credentials for pfSense via RADIUS. I figured this out using [URL="http://support.mof.go.th/radius_windows.html"]this great guide[/URL] that I referenced for Windows Server 2003...
[B]
Enable "reversible password encryption" for your domain users.
[/B][I]
Globally:[/I]
[LIST=1][*] Admin Tools - Group Policy Management[*] Choose your forest, domain and then right click your Default Domain Policy and choose Edit.[*] Computer Configuration -> Policies -> Windows Settings -> Security Settings -> Account Policies -> Password Policy -> Store passwords using reversible encryption = Enabled.[/LIST]
[I]Per User:[/I]
[LIST=1][*] I prefer doing it globally, but you can do it on a per user basis by opening your domain user's properties and checking "Store password using reversible encryption" on the Account tab.[/LIST]
*Restart the domain controller after these Group Policy changes.
[B]
Enable Windows Server 2008 Network Policy Server (NPS)[/B]
[LIST=1][*] Add the "Network Policy and Access Services" role to your domain controller.[*] Enable these role services during installation:
Network Policy Server
Routing & Remote Access Services
Remote Access Service
Routing[/LIST]
[B]Verify the RADIUS Port Numbers[/B]
[LIST=1][*] Server Manager -> Roles -> Network Policy and Access -> Right-click NPS (Local) -> Properties -> Ports Tab.[*] Verify the defaults for Authentication are 1812,1645.[*] Verify the defaults for Accounting are 1813, 1646.[*] The 18 set is for a secure connection, or vice-versa. You can change things to match your RADIUS client, but the defaults should be fine.[/LIST]
[B]Add a new RADIUS Client[/B]
[LIST=1][*] NPS (Local) -> RADIUS Clients and Servers -> RADIUS Clients -> Right-click Add new Client.[*] Add a name, the ip address of your client and create a shared secret.[/LIST]
[B]Add a new Network Policy[/B]
[LIST=1][*] NPS (Local) -> Policies -> Right-click Network Policies -> Add new.[*] Enter a name and leave Type of network access server as Unspecified. Click Next.[*] Add a condition. Choose Windows Groups. Add a Group ("Domain Users" for example). Click OK, then Next.[*] Choose Access Granted. Click Next.[*] Leave the default Authentication Methods. Click Next.[*] Leave the Default Constraints. (Although they look like some cool new features you may want to use.) Click Next.[*] Leave the Default Settings. Click Next.[*] Click Finish.[/LIST]
[B]Granting or Denying Access to Users[/B]
[LIST=1][*] Right click a domain user -> Properties -> Dial-in tab.[*] You can Grant or Deny here, but I just leave the NPS Policy we setup earlier to allow all domain users through.[/LIST]
[B]Configure your RADIUS Client[/B]
[LIST=1][*] In this case, I enable a PPTP *** server on my pfSense firewall and point it to my domain controller/NPS services machine where we just configured everything. Input the shared secret and then login from anywhere![/LIST]
[B]موفق باشید[/B]