設定遠端 RADIUS 伺服器群組Configure Remote RADIUS Server Groups

適用於:Windows Server(以每年次管道)、Windows Server 2016Applies To: Windows Server (Semi-Annual Channel), Windows Server 2016

當您想要設定 NPS 做為 proxy 伺服器並向前連接要求處理的其他 NPS 伺服器設定遠端 RADIUS 伺服器群組,您可以使用此主題。You can use this topic to configure remote RADIUS server groups when you want to configure NPS to act as a proxy server and forward connection requests to other NPS servers for processing.

新增遠端 RADIUS 伺服器群組Add a Remote RADIUS Server Group

若要新增新的遠端 RADIUS 伺服器群組的網路原則 Server (NPS) 嵌入式管理單元,您可以使用此程序。You can use this procedure to add a new remote RADIUS server group in the Network Policy Server (NPS) snap-in.

當您設定 NPS RADIUS proxy 為時,您建立新連接要求原則 NPS 用來判斷哪一個連接要求轉寄給其他 RADIUS 伺服器。When you configure NPS as a RADIUS proxy, you create a new connection request policy that NPS uses to determine which connection requests to forward to other RADIUS servers. 此外,連接要求原則藉由遠端 RADIUS 伺服器群組,其中包含一個或多個 RADIUS 伺服器、告訴 NPS 傳送連接要求符合連接要求原則的位置。In addition, the connection request policy is configured by specifying a remote RADIUS server group that contains one or more RADIUS servers, which tells NPS where to send the connection requests that match the connection request policy.

注意

您也可以在建立新連接要求原則的程序期間設定新的遠端 RADIUS 伺服器群組。You can also configure a new remote RADIUS server group during the process of creating a new connection request policy.

資格在網域系統管理員,或相當於,才能完成此程序最小值。Membership in Domain Admins, or equivalent, is the minimum required to complete this procedure.

若要新增的遠端 RADIUS 伺服器群組To add a remote RADIUS server group

  1. 在伺服器管理員中,按一下工具,然後按一下 [的網路原則伺服器打開 NPS 主機。In Server Manager, click Tools, and then click Network Policy Server to open the NPS console.
  2. 在主控台按兩下 [ RADIUS 戶端與伺服器,以滑鼠右鍵按一下遠端 RADIUS 伺服器群組,,然後按一下 [In the console tree, double-click RADIUS Clients and Servers, right-click Remote RADIUS Server Groups, and then click New.
  3. 新遠端 RADIUS 伺服器群組對話方塊。The New Remote RADIUS Server Group dialog box opens. 群組名稱,輸入遠端 RADIUS 伺服器群組的名稱。In Group name, type a name for the remote RADIUS server group.
  4. 中 RADIUS 伺服器],按一下 [新增]In RADIUS Servers, click Add. 新增 RADIUS 伺服器]對話方塊。The Add RADIUS Servers dialog box opens. 輸入您想要加入該群組,或輸入 RADIUS 伺服器的完整網域名稱 (FQDN),然後按一下 RADIUS 伺服器的 IP 位址確認Type the IP address of the RADIUS server that you want to add to the group, or type the Fully Qualified Domain Name (FQDN) of the RADIUS server, and then click Verify.
  5. 新增 RADIUS 伺服器,按一下 [驗證日計量索引標籤。在共用密碼確認共用的密碼,輸入共用的密碼。In Add RADIUS Servers, click the Authentication/Accounting tab. In Shared secret and Confirm shared secret, type the shared secret. 當您將會在本機電腦設定為 RADIUS client 遠端 RADIUS 伺服器上,您必須使用相同的共用的密碼。You must use the same shared secret when you configure the local computer as a RADIUS client on the remote RADIUS server.
  6. 如果您不使用的驗證延伸驗證通訊協定 (EAP),請按一下要求必須包含訊息 authenticator 屬性If you are not using Extensible Authentication Protocol (EAP) for authentication, click Request must contain the message authenticator attribute. EAP 使用預設的郵件-Authenticator 屬性。EAP uses the Message-Authenticator attribute by default.
  7. 請確認驗證及計量連接埠號碼的正確的部署。Verify that the authentication and accounting port numbers are correct for your deployment.
  8. 如果您使用不同的分享的密碼,請在計量,清除使用相同的共用的密碼驗證及計量核取方塊,並輸入中的計量共用的密碼,然後共用密碼確認共用的密碼If you use a different shared secret for accounting, in Accounting, clear the Use the same shared secret for authentication and accounting check box, and then type the accounting shared secret in Shared secret and Confirm shared secret.
  9. 如果您不想轉送網路存取伺服器開始和停止訊息,以遠端 RADIUS 伺服器、清除向前網路存取伺服器 [開始] 畫面與停止此伺服器通知核取方塊。If you do not want to forward network access server start and stop messages to the remote RADIUS server, clear the Forward network access server start and stop notifications to this server check box.

如需有關管理 NPS 的詳細資訊,請查看管理的網路原則伺服器]For more information about managing NPS, see Manage Network Policy Server.

如需 NPS 的詳細資訊,請查看的網路原則 Server (NPS)For more information about NPS, see Network Policy Server (NPS).