Netsh commands for AAAA

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

Netsh commands for AAAA

You can use commands in the Netsh AAAA context to show and set the configuration of the authentication, authorization, accounting, and auditing (AAAA) database used by the Internet Authentication Service (IAS) and the Routing and Remote Access service. The AAAA database is also known as the IAS database (Ias.mdb). The primary use of commands in the Netsh AAAA context is to:

  • Export the configuration of one IAS server, including registry keys and the IAS database (ias.mdb), as a Netsh script using either the dump command or one of the show commands.

  • Import the configuration to another IAS server using the netsh exec command, and a Netsh script that contains the set config command.

You can run these commands from the Windows Server 2003 family command prompt or from the command prompt for the Netsh AAAA context. For these commands to work at the Windows Server 2003 family command prompt, you must type netsh aaaa before typing commands and parameters as they appear in the syntax below. There might be functional differences between Netsh context commands on Windows 2000 and the Windows Server 2003 family.

For more information on Netsh, see Netsh overview and Enter a netsh context.

Netsh AAAA command reference

  • dump

  • set config

  • show clients

  • show config

  • show connection_request_policies

  • show logging

  • show remote_access_policies

  • show server_settings

  • show version

dump

Displays the configuration of the IAS database file (Ias.mdb) as a Netsh command script.

Syntax

dump

Remarks
  • The dump command displays the Netsh command script that you can use to duplicate the configuration of the server running IAS or the Routing and Remote Access service on which the command is executed. The Netsh command script contains the configuration of the IAS server, including the registry keys and database file (Ias.mdb), in a compressed text format as a large data block. This large data block is used by the set config command within the script to import the configuration of a saved data block into an existing IAS database on the same or another computer using the netsh exec command. To save the Netsh command script to a file, type: **netsh aaaa show config >**Path\File.txt

  • The dump command is not supported on computers running Windows 2000 server.

set config

Configures the IAS server and IAS database (Ias.mdb) with the registry keys and database imported from the specified data block.

Syntax

set config [type={server_settings | clients | connection_request_policies | logging | remote_access_policies] **blob=**DataBlock}

Parameters
  • ****blob=DataBlock
    Required. Specifies the file that contains the configuration of the IAS server, including registry keys and IAS database (Ias.mdb), in a compressed text format as output by the dump or show commands.
  • type=
    Specifies the kind of data that you want to import from the DataBlock to the local server configuration.
  • server_settings
    Specifies that the server configuration settings are imported from the DataBlock to the local server. The imported settings include server Description, system event log settings, registry keys, and ports that are used specifically for the IAS service.
  • clients
    Specifies that the settings for RADIUS clients, as viewed in the IAS console, are imported to the local server from DataBlock.
  • connection_request_policies
    Specifies that the IAS settings for Connection Request Processing, including Connection Request Policies and Remote RADIUS server Groups, are imported to the local server from DataBlock.
  • logging
    Specifies that the IAS settings for Remote Access Logging are imported to the local server from DataBlock.
  • remote_access_policies
    Specifies that the IAS settings for Remote Access Policies are imported to the local server from DataBlock.
Remarks
  • Running the set config command manually is not supported. This command is used only within a Netsh command script that is created by using the dump or show commands.

  • To view the version of the IAS database on which the Netsh script is being run, use the show version command. Scripts older than those created with Windows Server 2003, Standard Edition; Windows Server 2003, Enterprise Edition; and Windows Server 2003, Datacenter Edition are supported.

  • The configuration of IAS servers running on products in the Windows 2000 server family can be imported into products in the Windows Server 2003 family with set config. The reverse, however, is not possible.

show clients

Displays the RADIUS client list for the local IAS server.

Syntax

show clients

Remarks
  • This command dumps the RADIUS client list of the IAS server on which the command is executed. In the IAS console, this client list is displayed in RADIUS Clients.

  • The Netsh command script contains the local server settings, including registry keys and the IAS database (Ias.mdb), as a large data block in a compressed text format. To import the configuration into an existing IAS server on either the same or another computer, you can use the netsh exec command. To save the Netsh command script to a file, type **netsh aaaa show clients >**Path\File.txt at a command prompt.

  • This command is not available on computers running Windows 2000 Server.

show config

Displays the configuration of the IAS database file (Ias.mdb) as a Netsh command script.

Syntax

show config

Remarks
  • The show config command is equivalent to the dump command.

  • The show config command displays the Netsh command script that you can use to duplicate the configuration of the server running IAS or the Routing and Remote Access service on which the command is run. The Netsh command script contains the configuration of the IAS server, including registry keys and the IAS database (Ias.mdb), as a large data block in a compressed text format. To import the configuration into an existing IAS server on either the same or another computer, you can use the netsh exec command. To save the Netsh command script to a file, type **netsh aaaa show config >**Path\File.txt at a command prompt.

  • This command is not available on computers running Windows 2000 Server.

show connection_request_policies

Displays the Connection Request Processing policies configuration of the IAS server in script format.

Syntax

show connection_request_policies

Remarks
  • This command displays Connection Request Policies for the IAS server on which the command is run. In the IAS console, these policies are displayed in Connection Request Processing and include Connection Request Policies and Remote RADIUS server Groups.

  • The Netsh command script contains the local server settings as a large data block in a compressed text format. To import the configuration into an existing IAS server on either the same or another computer, you can use the netsh exec command. To save the Netsh command script to a file, type **netsh aaaa show connection_request_policies >**Path\File.txt at a command prompt.

  • This command is not available on computers running Windows 2000 Server.

show logging

Displays the logging configuration for the local IAS server.

Syntax

show logging

Remarks
  • This command displays the Remote Access Logging configuration for the IAS server on which the command is run. In the IAS console, this information is displayed in Remote Access Logging.

  • The Netsh command script contains the local server settings as a large data block in a compressed text format. To import the configuration into an existing IAS server on either the same or another computer, you can use the netsh exec command. To save the Netsh command script to a file, type **netsh aaaa show logging >**Path\File.txt at a command prompt.

  • This command is not available on computers running Windows 2000 Server.

show remote_access_policies

Displays all objects within the remote access policy.

Syntax

show remote_access_policies

Remarks
  • This command displays the Remote Access Policies for the IAS server on which the command is run. In the IAS console, this information is displayed in Remote Access Policies.

  • The Netsh command script contains the local server settings as a large data block in a compressed text format. To import the configuration into an existing IAS server on either the same or another computer, you can use the netsh exec command. To save the Netsh command script to a file, type **netsh aaaa show remote_access_policies >**Path\File.txt at a command prompt.

  • This command is not available on computers running Windows 2000 Server.

  • The following registry keys and values are displayed:

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RasMan\PPP\ControlProtocols\BuiltIn\DefaultDomain\REG_SZ

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Policy\Allow LM Authentication\REG_DWORD

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Policy\Default User Identity\REG_SZ

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Policy\User Identity Attribute\REG_DWORD

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Policy\Override User-Name\REG_DWORD

show server_settings

Displays the configuration of the local IAS server as a Netsh command script.

Syntax

show server_settings

Remarks
  • This command displays the configuration of server settings for the IAS server on which the command is run. These settings include:

    • Server description

    • Settings for accounting and authorization events in the system event log

    • Ports used by the service

    • Registry keys and their values

    In the IAS console, this information is displayed in server Properties.

  • The Netsh command script contains the local server settings as a large data block in a compressed text format. This large data block is used within the script by the netsh exec command to import the configuration of a saved data block into an existing IAS server on the same or another computer. To save the Netsh command script to a file, type **netsh aaaa show server_settings >**Path\File.txt at a command prompt.

  • This command is not available on computers running Windows 2000 Server.

  • The following registry keys and values are displayed:

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IAS\Parameters\Allow SNMP Set\REG_DWORD

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Parameters\AccountLockout\MaxDenials\REG_DWORD

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Parameters\AccountLockout\ResetTime\REG_DWORD

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IAS\Parameters\Ping User-Name\REG_SZ

show version

Displays the version of the IAS database.

Syntax

show version

Examples

To display the Netsh command script that shows the IAS database in its current state, type:

show config

To display the version of the IAS database running on a server, type:

show version

Formatting legend

Format Meaning

Italic

Information that the user must supply

Bold

Elements that the user must type exactly as shown

Ellipsis (...)

Parameter that can be repeated several times in a command line

Between brackets ([])

Optional items

Between braces ({}); choices separated by pipe (|). Example: {even|odd}

Set of choices from which the user must choose only one

Courier font

Code or program output

See Also

Concepts

Netsh commands for DHCP
Netsh diagnostic (diag) commands
Netsh commands for Interface IP
Netsh commands for remote access (ras)
Netsh commands for Routing
Netsh commands for WINS
Command-line reference A-Z
Command shell overview