locked
Radius Proxy and Server with NPS RRS feed

  • Question

  • We have two Active Directories that are connected by an one-way trust. Users of Domain B can use computers in Domain A, but not otherwise. For our new WLAN we are planning to use our Windows Servers 2008 R2 as Radius Server(s). For this reason I want to know:

    Is it possible to use the server of domain A as Radius Proxy for users of domain B and at the same time as Radius Server for users of domain A? If yes, how can I do that? I didn't find any instructions yet.


    • Edited by tubauwe Friday, November 7, 2014 1:34 PM
    Friday, November 7, 2014 1:32 PM

Answers

  • Hi,

    According to your description, my understanding is that you want to deploy RADIUS server between 2 ADs which is one-way trust.

    RADIUS server provides authentication and authorization for user accounts, and this process may need the permission to access the Active Directory database(both domain A and B) if you use domain account. Based on your description, domain A and B are one-way trust(B access A). If RADIUS server is member of domain A, then it wouldn’t get the user account information in domain B.

    Besides, RADIUS server and RADIUS proxy are usually separate devices.

    I am wondering what is the relationship and the connection way of these 2 domains. If the member of B can access A, you may set RADIUS server in B, and a RADIUS proxy in A to forward request to RADIUS server(in B). or each domain configured with a RADIUS server to process their own request. It is depend on the network topology, network traffic, and your requirement.

    For detailed information about RADIUS/RADIUS proxy, and deployment, you may reference the link below:
    http://technet.microsoft.com/en-us/library/dd197558(v=ws.10).aspx

    Best Regards,           
    Eve Wang

    Monday, November 10, 2014 7:19 AM