網路原則伺服器 (NPS)Network Policy Server (NPS)

適用於:Windows Server(以每年次管道)、Windows Server 2016Applies To: Windows Server (Semi-Annual Channel), Windows Server 2016

您可以使用此主題適用於 Windows Server 2016 中的網路原則伺服器的概觀。You can use this topic for an overview of Network Policy Server in Windows Server 2016.

注意

本主題中,除了下列 NPS 文件會提供。In addition to this topic, the following NPS documentation is available.

網路原則 Server (NPS) 可讓您建立並執行適用於連接要求驗證與授權全組織網路存取原則。Network Policy Server (NPS) allows you to create and enforce organization-wide network access policies for connection request authentication and authorization.

您也可以設定 NPS 遠端驗證 Dial 使用者服務 (RADIUS) proxy 要求轉送給連接遠端 NPS 或其他 RADIUS 伺服器,讓您可以負載平衡連接要求和轉寄驗證與授權正確的網域。You can also configure NPS as a Remote Authentication Dial-In User Service (RADIUS) proxy to forward connection requests to a remote NPS or other RADIUS server so that you can load balance connection requests and forward them to the correct domain for authentication and authorization.

NPS 可讓您集中設定及管理網路存取驗證、授權及下列功能計量︰NPS allows you to centrally configure and manage network access authentication, authorization, and accounting with the following features:

  • RADIUS 伺服器RADIUS server. NPS 執行集中式的驗證、授權及計量無線、驗證切換、遠端存取撥號以及連接私人網路 virtual (VPN)。NPS performs centralized authentication, authorization, and accounting for wireless, authenticating switch, remote access dial-up and virtual private network (VPN) connections. 當您使用 NPS RADIUS 伺服器時,您可以為中 NPS RADIUS 戶端設定網路存取伺服器,例如 wireless 存取點和 VPN 伺服器。When you use NPS as a RADIUS server, you configure network access servers, such as wireless access points and VPN servers, as RADIUS clients in NPS. 您也需要 NPS 授權連接要求,使用的網路原則設定,以便 NPS 登計量資訊來登入本機硬碟或的 Microsoft SQL Server 資料庫中的檔案,您可以設定 RADIUS 計量。You also configure network policies that NPS uses to authorize connection requests, and you can configure RADIUS accounting so that NPS logs accounting information to log files on the local hard disk or in a Microsoft SQL Server database. 如需詳細資訊,請查看RADIUS 伺服器For more information, see RADIUS server.
  • RADIUS proxyRADIUS proxy. 當您使用 NPS RADIUS proxy 時,您可以設定告訴哪些連接要求送給其他 RADIUS 伺服器和您想要轉寄連接要求哪些 RADIUS 伺服器 NPS 伺服器連接要求原則。When you use NPS as a RADIUS proxy, you configure connection request policies that tell the NPS server which connection requests to forward to other RADIUS servers and to which RADIUS servers you want to forward connection requests. 您也可以設定 NPS 向前計量資料來登入遠端 RADIUS 伺服器群組中的一或多個電腦。You can also configure NPS to forward accounting data to be logged by one or more computers in a remote RADIUS server group. 若要設定 NPS RADIUS proxy 伺服器,查看下列主題。To configure NPS as a RADIUS proxy server, see the following topics. 如需詳細資訊,請查看RADIUS proxyFor more information, see RADIUS proxy.
  • RADIUS 計量RADIUS accounting. 您可以設定 NPS 登事件本機登入檔案,或是的 Microsoft SQL Server 本機或遠端執行個體。You can configure NPS to log events to a local log file or to a local or remote instance of Microsoft SQL Server. 如需詳細資訊,請查看NPS 登入For more information, see NPS logging.

重要

網路存取保護 (NAP)、健康登記授權單位 (HRA),主機 Credential 授權通訊協定 (HCAP) 而被取代在 Windows Server 2012 R2,並不是在 Windows Server 2016 中可使用。Network Access Protection (NAP), Health Registration Authority (HRA), and Host Credential Authorization Protocol (HCAP) were deprecated in Windows Server 2012 R2, and are not available in Windows Server 2016. 如果您使用 Windows Server 2016 以前作業系統 NAP 部署,您將無法 NAP 部署移轉到 Windows Server 2016。If you have a NAP deployment using operating systems earlier than Windows Server 2016, you cannot migrate your NAP deployment to Windows Server 2016.

您可以使用這些功能的任何組合來設定 NPS。You can configure NPS with any combination of these features. 例如,您可以設定一個 NPS 伺服器 VPN 連接 RADIUS 伺服器以及也 RADIUS proxy 轉送一些連接要求驗證及其他網域中的授權遠端 RADIUS 伺服器群組成員。For example, you can configure one NPS server as a RADIUS server for VPN connections and also as a RADIUS proxy to forward some connection requests to members of a remote RADIUS server group for authentication and authorization in another domain.

Windows Server 版本和 NPSWindows Server Editions and NPS

NPS 提供根據您所安裝的 Windows Server 的版本不同的功能。NPS provides different functionality depending on the edition of Windows Server that you install.

Windows Server 2016 Datacenter EditionWindows Server 2016 Datacenter Edition

具有 NPS 在 Windows Server 2016 Datacenter,您可以設定無限 RADIUS 戶端和遠端 RADIUS 伺服器群組。With NPS in Windows Server 2016 Datacenter, you can configure an unlimited number of RADIUS clients and remote RADIUS server groups. 此外,您可以設定 RADIUS 戶端指定 IP 位址。In addition, you can configure RADIUS clients by specifying an IP address range.

Windows Server 2016 Standard EditionWindows Server 2016 Standard Edition

具有 NPS 在 Windows Server 2016 標準,您可以設定最多的 50 RADIUS 用並最多 2 遠端 RADIUS 伺服器群組。With NPS in Windows Server 2016 Standard, you can configure a maximum of 50 RADIUS clients and a maximum of 2 remote RADIUS server groups. 您可以定義 RADIUS client 使用的完整的網域名稱或 IP 位址,但您不能指定 IP 位址範圍定義的 RADIUS 用群組。You can define a RADIUS client by using a fully qualified domain name or an IP address, but you cannot define groups of RADIUS clients by specifying an IP address range. 如果 RADIUS client 的完整的網域名稱解析為多個 IP 位址,NPS 伺服器使用傳回查詢網域名稱系統」(DNS) 中的第一個 IP 位址。If the fully qualified domain name of a RADIUS client resolves to multiple IP addresses, the NPS server uses the first IP address returned in the Domain Name System (DNS) query.

下列章節提供 NPS RADIUS 伺服器以及 proxy 更多詳細的資訊。The following sections provide more detailed information about NPS as a RADIUS server and proxy.

RADIUS 伺服器,並 proxyRADIUS server and proxy

您可以使用 NPS RADIUS 伺服器、RADIUS proxy,或兩者。You can use NPS as a RADIUS server, a RADIUS proxy, or both.

RADIUS 伺服器RADIUS server

NPS 是 Microsoft 的標準 RADIUS 指定 Rfc 2865 和 2866 年網際網路工程設計工作人員 (IETF)。NPS is the Microsoft implementation of the RADIUS standard specified by the Internet Engineering Task Force (IETF) in RFCs 2865 and 2866. 為 RADIUS 伺服器、NPS 執行集中的連接驗證、授權及計量許多類型的網路存取權,包括無線,驗證切換,撥號和 (VPN) 遠端存取 virtual 私人網路,以及連接至路由器。As a RADIUS server, NPS performs centralized connection authentication, authorization, and accounting for many types of network access, including wireless, authenticating switch, dial-up and virtual private network (VPN) remote access, and router-to-router connections.

注意

如部署 NPS RADIUS 伺服器的資訊,請查看部署的網路原則伺服器For information on deploying NPS as a RADIUS server, see Deploy Network Policy Server.

NPS 可讓您使用的無線異質性設定、切換、遠端存取或 VPN 設備。NPS enables the use of a heterogeneous set of wireless, switch, remote access, or VPN equipment. 您可以使用遠端存取服務,可在 Windows Server 2016 NPS。You can use NPS with the Remote Access service, which is available in Windows Server 2016.

NPS 會使用 Active Directory Domain Services (AD DS) 網域,或嘗試本機安全性帳號 Manager(坡)使用者帳號資料庫驗證使用者認證連接。NPS uses an Active Directory Domain Services (AD DS) domain or the local Security Accounts Manager (SAM) user accounts database to authenticate user credentials for connection attempts. 執行 NPS 伺服器時 AD DS 網域的成員,NPS 為其使用者 account 資料庫中使用 directory 服務,而且部分單一登入方案。When a server running NPS is a member of an AD DS domain, NPS uses the directory service as its user account database and is part of a single sign-on solution. 相同的認證組使用的網路存取控制 \(驗證與授權的存取權 network\)並登入 AD DS 網域。The same set of credentials is used for network access control (authenticating and authorizing access to a network) and to log on to an AD DS domain.

注意

NPS 授權連接使用使用者 account 和網路原則撥號的屬性。NPS uses the dial-in properties of the user account and network policies to authorize a connection.

網際網路服務提供者 (ISPs) 和維護網路存取權的組織有增加的挑戰從單一位置管理,不論使用的網路存取設備類型的管理所有類型的網路存取權。Internet service providers (ISPs) and organizations that maintain network access have the increased challenge of managing all types of network access from a single point of administration, regardless of the type of network access equipment used. RADIUS 標準同和異質性環境中支援這項功能。The RADIUS standard supports this functionality in both homogeneous and heterogeneous environments. RADIUS 是讓網路存取設備(作為 RADIUS 戶端)來提交驗證及計量要求 RADIUS 伺服器 client 伺服器通訊協定。RADIUS is a client-server protocol that enables network access equipment (used as RADIUS clients) to submit authentication and accounting requests to a RADIUS server.

RADIUS 伺服器存取使用者 account 資訊,以及可以查看的網路存取驗證憑證。A RADIUS server has access to user account information and can check network access authentication credentials. 如果驗證使用者認證,授權連接嘗試 RADIUS 伺服器授權的使用者存取根據指定的條件,並再登入計量登入的 [網路存取權。If user credentials are authenticated and the connection attempt is authorized, the RADIUS server authorizes user access on the basis of specified conditions, and then logs the network access connection in an accounting log. 使用 RADIUS 允許網路存取權的使用者驗證、授權及計量資料收集及維護中央位置,而不是每個存取伺服器上。The use of RADIUS allows the network access user authentication, authorization, and accounting data to be collected and maintained in a central location, rather than on each access server.

使用 NPS RADIUS 伺服器Using NPS as a RADIUS server

您可以使用 NPS RADIUS 伺服器為時:You can use NPS as a RADIUS server when:

  • 您用於 AD DS 網域或本機坡使用者帳號資料庫與您的使用者 account 資料庫存取戶端。You are using an AD DS domain or the local SAM user accounts database as your user account database for access clients.
  • 您使用遠端存取伺服器撥號多個、VPN 伺服器上或撥號路由器,您想要的網路原則和連接登入及計量設定的集中管理。You are using Remote Access on multiple dial-up servers, VPN servers, or demand-dial routers and you want to centralize both the configuration of network policies and connection logging and accounting.
  • 您會將您為撥號、VPN、或 wireless 存取服務提供者。You are outsourcing your dial-up, VPN, or wireless access to a service provider. 存取伺服器驗證,以及授權成員您的組織所進行的連接到使用 RADIUS。The access servers use RADIUS to authenticate and authorize connections that are made by members of your organization.
  • 您想要驗證、授權及計量一組異質性存取伺服器的集中管理。You want to centralize authentication, authorization, and accounting for a heterogeneous set of access servers.

下圖 NPS RADIUS 伺服器的各種不同的存取用。The following illustration shows NPS as a RADIUS server for a variety of access clients.

NPS RADIUS 伺服器

RADIUS proxyRADIUS proxy

為 RADIUS proxy、NPS 轉送給驗證和計量訊息 NPS 及其他 RADIUS 伺服器。As a RADIUS proxy, NPS forwards authentication and accounting messages to NPS and other RADIUS servers. 您可以使用 NPS RADIUS proxy 提供的 RADIUS 路由郵件之間 RADIUS 戶端 \(也稱為網路存取 servers\)和連接嘗試執行驗證使用者、授權及計量 RADIUS 伺服器。You can use NPS as a RADIUS proxy to provide the routing of RADIUS messages between RADIUS clients (also called network access servers) and RADIUS servers that perform user authentication, authorization, and accounting for the connection attempt.

作為 RADIUS proxy,NPS 是中央切換或透過哪些 RADIUS 存取及計量訊息流程路由點。When used as a RADIUS proxy, NPS is a central switching or routing point through which RADIUS access and accounting messages flow. NPS 此資訊在計量登入轉寄簡訊。NPS records information in an accounting log about the messages that are forwarded.

使用 NPS RADIUS proxyUsing NPS as a RADIUS proxy

您可以使用 NPS RADIUS proxy 為時:You can use NPS as a RADIUS proxy when:

  • 您有多個針對外部的撥號、VPN 或 wireless 網路存取服務提供者的服務提供者。You are a service provider who offers outsourced dial-up, VPN, or wireless network access services to multiple customers. 您 Nas 會傳送給 NPS RADIUS proxy 連接要求。Your NASs send connection requests to the NPS RADIUS proxy. 根據領域部分連接要求的使用者名稱、NPS RADIUS proxy 連接要求維護客戶 RADIUS 伺服器轉送給可以驗證及授權連接嘗試。Based on the realm portion of the user name in the connection request, the NPS RADIUS proxy forwards the connection request to a RADIUS server that is maintained by the customer and can authenticate and authorize the connection attempt.
  • 您想要提供驗證和授權,但不是 NPS 伺服器的網域或其他雙向具有 NPS 伺服器的網域信任的網域成員帳號。You want to provide authentication and authorization for user accounts that are not members of either the domain in which the NPS server is a member or another domain that has a two-way trust with the domain in which the NPS server is a member. 這包括帳號受信任的網域,其他的樹系單向受信任的網域。This includes accounts in untrusted domains, one-way trusted domains, and other forests. 而不設定 NPS RADIUS 伺服器來傳送連接要求存取伺服器,您可以將它們傳送 NPS RADIUS proxy 連接要求設定。Instead of configuring your access servers to send their connection requests to an NPS RADIUS server, you can configure them to send their connection requests to an NPS RADIUS proxy. NPS RADIUS proxy 使用領域名稱部分的使用者名稱,然後轉寄 NPS 伺服器正確網域或森林中的邀請。The NPS RADIUS proxy uses the realm name portion of the user name and forwards the request to an NPS server in the correct domain or forest. 連接嘗試另一個網域或森林中的 Nas 驗證帳號一個網域或森林中的使用者。Connection attempts for user accounts in one domain or forest can be authenticated for NASs in another domain or forest.
  • 您想要使用的不是 Windows account 資料庫資料庫驗證且授權執行。You want to perform authentication and authorization by using a database that is not a Windows account database. 此時,請連接要求符合領域指定的名稱被轉送 RADIUS 伺服器、到不同的資料庫帳號及授權資料的存取。In this case, connection requests that match a specified realm name are forwarded to a RADIUS server, which has access to a different database of user accounts and authorization data. 其他使用者資料庫的範例包括 Novell Directory NDS 和結構化查詢的語言 (SQL) 資料庫。Examples of other user databases include Novell Directory Services (NDS) and Structured Query Language (SQL) databases.
  • 您想要處理大量連接要求。You want to process a large number of connection requests. 在這種情形下,而不是用來嘗試在多部 RADIUS 伺服器平衡他們連接及計量要求 RADIUS 戶端設定時,您可以設定他們連接及計量要求傳送給 NPS RADIUS proxy 它們。In this case, instead of configuring your RADIUS clients to attempt to balance their connection and accounting requests across multiple RADIUS servers, you can configure them to send their connection and accounting requests to an NPS RADIUS proxy. NPS RADIUS proxy 動態餘額連接載入及計量要求跨多個 RADIUS 伺服器增加的 RADIUS 用大量處理和每秒鐘。The NPS RADIUS proxy dynamically balances the load of connection and accounting requests across multiple RADIUS servers and increases the processing of large numbers of RADIUS clients and authentications per second.
  • 您想要提供 RADIUS 驗證和外部的服務提供者的授權最小化內部防火牆設定。You want to provide RADIUS authentication and authorization for outsourced service providers and minimize intranet firewall configuration. 內部防火牆是之間周邊網路(您的企業網路與網際網路之間網路)與內部網路。An intranet firewall is between your perimeter network (the network between your intranet and the Internet) and intranet. NPS 伺服器置於周邊網路、周邊網路之間內部防火牆必須允許多網域控制站伺服器 NPS 之間的流量。By placing an NPS server on your perimeter network, the firewall between your perimeter network and intranet must allow traffic to flow between the NPS server and multiple domain controllers. 具有 NPS proxy 取代 NPS 伺服器,防火牆必須允許只有在您的企業網路的一或多個 NPS 伺服器 NPS proxy 之間傳送 RADIUS 流量。By replacing the NPS server with an NPS proxy, the firewall must allow only RADIUS traffic to flow between the NPS proxy and one or multiple NPS servers within your intranet.

下圖顯示 NPS RADIUS proxy RADIUS 戶端與 RADIUS 伺服器之間為。The following illustration shows NPS as a RADIUS proxy between RADIUS clients and RADIUS servers.

NPS RADIUS Proxy 為

具有 NPS、組織也外包遠端存取的基礎結構服務提供者同時保留驗證使用者、授權及計量的控制。With NPS, organizations can also outsource remote access infrastructure to a service provider while retaining control over user authentication, authorization, and accounting.

您可以建立 NPS 設定如下:NPS configurations can be created for the following scenarios:

  • Wireless 存取Wireless access
  • 遠端存取的組織撥號或 virtual 私人網路 (VPN)Organization dial-up or virtual private network (VPN) remote access
  • 外部的撥號或 wireless 存取Outsourced dial-up or wireless access
  • 網際網路存取權Internet access
  • 協力廠商的已驗證的存取外部網路資源Authenticated access to extranet resources for business partners

RADIUS 伺服器,並 RADIUS proxy 設定範例RADIUS server and RADIUS proxy configuration examples

下列設定範例示範如何設定 NPS RADIUS 伺服器以及 RADIUS proxy。The following configuration examples demonstrate how you can configure NPS as a RADIUS server and a RADIUS proxy.

NPS RADIUS 伺服器為NPS as a RADIUS server. 在此範例中,設定 NPS RADIUS 伺服器為、預設連接要求原則是唯一設定的原則,然後所有連接要求都處理 NPS 本機伺服器。In this example, NPS is configured as a RADIUS server, the default connection request policy is the only configured policy, and all connection requests are processed by the local NPS server. NPS 伺服器可以驗證和授權其帳號的網域 NPS 伺服器與受信任的網域中的使用者。The NPS server can authenticate and authorize users whose accounts are in the domain of the NPS server and in trusted domains.

NPS RADIUS proxy 為NPS as a RADIUS proxy. 在此範例中,NPS 伺服器為 RADIUS proxy 連接要求送給遠端 RADIUS 伺服器群組兩個信任的網域中的設定。In this example, the NPS server is configured as a RADIUS proxy that forwards connection requests to remote RADIUS server groups in two untrusted domains. 預設連接要求刪除原則,並要求轉送到每個兩個受信任的網域建立兩個新連接要求原則。The default connection request policy is deleted, and two new connection request policies are created to forward requests to each of the two untrusted domains. 在此範例中,NPS 不處理本機伺服器上的任何連接要求。In this example, NPS does not process any connection requests on the local server.

NPS RADIUS 伺服器,並 RADIUS proxy 為NPS as both RADIUS server and RADIUS proxy. 除了預設連接要求原則,將指定在本機處理連接要求時,會建立新的連接要求原則,轉送給連接要求 NPS 或受信任的網域中的其他 RADIUS 伺服器。In addition to the default connection request policy, which designates that connection requests are processed locally, a new connection request policy is created that forwards connection requests to an NPS or other RADIUS server in an untrusted domain. 此第二個原則被名 Proxy 原則。This second policy is named the Proxy policy. 在此範例中,Proxy 原則會出現的原則排序清單中的第一次。In this example, the Proxy policy appears first in the ordered list of policies. 如果連接要求符合 Proxy 原則,連接要求轉送 RADIUS 伺服器遠端 RADIUS 伺服器群組中。If the connection request matches the Proxy policy, the connection request is forwarded to the RADIUS server in the remote RADIUS server group. 如果連接要求不符 Proxy 原則,但符合預設連接要求原則、NPS 處理連接要求本機伺服器上。If the connection request does not match the Proxy policy but does match the default connection request policy, NPS processes the connection request on the local server. 如果連接要求不符任一原則,會捨棄它。If the connection request does not match either policy, it is discarded.

NPS RADIUS 伺服器遠端計量伺服器為NPS as a RADIUS server with remote accounting servers. 在此範例中,執行計量未設定 NPS 本機伺服器,預設連接要求原則修改,因此 RADIUS 計量訊息的轉送 NPS 伺服器或其他 RADIUS 伺服器遠端 RADIUS 伺服器群組中。In this example, the local NPS server is not configured to perform accounting and the default connection request policy is revised so that RADIUS accounting messages are forwarded to an NPS server or other RADIUS server in a remote RADIUS server group. 轉送計量簡訊,但不轉送驗證和授權訊息,本機伺服器 NPS 本機網域執行這些功能及所有受信任的網域。Although accounting messages are forwarded, authentication and authorization messages are not forwarded, and the local NPS server performs these functions for the local domain and all trusted domains.

NPS 的 Windows 使用者對應遠端 RADIUSNPS with remote RADIUS to Windows user mapping. 在此範例中,NPS 的作用為 RADIUS 伺服器,並為每個個人連接要求 RADIUS proxy 轉送遠端 RADIUS 伺服器的驗證要求時使用本機的 Windows 使用者 account 授權。In this example, NPS acts as both a RADIUS server and as a RADIUS proxy for each individual connection request by forwarding the authentication request to a remote RADIUS server while using a local Windows user account for authorization. 此設定是由做為條件連接要求原則設定的 Windows 使用者對應屬性遠端 RADIUS 實作。This configuration is implemented by configuring the Remote RADIUS to Windows User Mapping attribute as a condition of the connection request policy. \ (另外,帳號必須建立本機具有相同名稱遠端 RADIUS 伺服器針對執行驗證遠端使用者 account RADIUS 伺服器上。)(In addition, a user account must be created locally on the RADIUS server that has the same name as the remote user account against which authentication is performed by the remote RADIUS server.)

設定Configuration

若要設定 NPS RADIUS 伺服器,您可以使用標準設定或 [進階的設定 NPS 主控台中,或在伺服器管理員中。To configure NPS as a RADIUS server, you can use either standard configuration or advanced configuration in the NPS console or in Server Manager. 若要設定 NPS RADIUS proxy 為,您必須使用進階的設定。To configure NPS as a RADIUS proxy, you must use advanced configuration.

一般設定Standard configuration

使用標準設定時,會提供精靈可協助您針對下列案例設定 NPS:With standard configuration, wizards are provided to help you configure NPS for the following scenarios:

  • 撥號或 VPN 連接 RADIUS 伺服器RADIUS server for dial-up or VPN connections
  • 適用於 802.1 X wireless 或有線連接 RADIUS 伺服器RADIUS server for 802.1X wireless or wired connections

若要設定使用精靈 NPS、開放 NPS 主機、選取前一個案例,其中一個,然後按一下開啟精靈的連結。To configure NPS using a wizard, open the NPS console, select one of the preceding scenarios, and then click the link that opens the wizard.

[進階的設定Advanced configuration

當您使用 [進階的設定時,您手動設定 NPS RADIUS 伺服器或 RADIUS proxy。When you use advanced configuration, you manually configure NPS as a RADIUS server or RADIUS proxy.

若要設定 NPS 使用 [進階的設定,開放 NPS 主控台中,,然後按一下旁邊的箭頭進階設定以展開區段此。To configure NPS by using advanced configuration, open the NPS console, and then click the arrow next to Advanced Configuration to expand this section.

提供下列進階的設定項目。The following advanced configuration items are provided.

設定 RADIUS 伺服器Configure RADIUS server

若要設定 NPS RADIUS 伺服器,您必須設定 RADIUS 戶端、網路原則和 RADIUS 計量。To configure NPS as a RADIUS server, you must configure RADIUS clients, network policy, and RADIUS accounting.

指示進行這些設定,請查看下列主題。For instructions on making these configurations, see the following topics.

設定 RADIUS proxyConfigure RADIUS proxy

若要設定 NPS RADIUS proxy 為,您必須設定 RADIUS 戶端、遠端 RADIUS 伺服器群組和連接要求原則。To configure NPS as a RADIUS proxy, you must configure RADIUS clients, remote RADIUS server groups, and connection request policies.

指示進行這些設定,請查看下列主題。For instructions on making these configurations, see the following topics.

NPS 登入NPS logging

NPS 登入也稱為 RADIUS 計量。NPS logging is also called RADIUS accounting. 設定是否作為 NPS RADIUS 伺服器、proxy,或是這些設定的任何組合 NPS 登入您的需求。Configure NPS logging to your requirements whether NPS is used as a RADIUS server, proxy, or any combination of these configurations.

若要設定 NPS 登入,您必須設定您想要登入的事件您要登入並檢視的事件檢視器],然後判斷哪些其他資訊。To configure NPS logging, you must configure which events you want logged and viewed with Event Viewer, and then determine which other information you want to log. 此外,您必須認為您是要登入驗證使用者以及計量資訊儲存在本機電腦上的文字登入檔案,或 edition 在本機電腦或遠端電腦上。In addition, you must decide whether you want to log user authentication and accounting information to text log files stored on the local computer or to a SQL Server database on either the local computer or a remote computer.

如需詳細資訊,請查看設定的網路原則伺服器計量For more information, see Configure Network Policy Server Accounting.