none
RADIUS伺服器可以覆寫嗎 RRS feed

  • 一般討論

  • 各位前輩們 您好

    我現在有在一台2003 Server 上面有裝RADIUS伺服器

    現在有另一台2012的Server 想要取代掉這台2003 Server

    是否有辦法可以不用重架RADIUS伺服器 直接讓他做轉移或複寫呢

    • 已變更類型 Molly Mao 2015年10月23日 上午 06:07
    2015年7月31日 上午 03:25

所有回覆

  • 1. 在 Windows Server 2012 NPS 伺服器複製下列檔案:iasmigreader.exe,路徑:%windir%\syswow64\ 中

    2. 貼至 Windows Server 2003 IAS 伺服器的 %windir%\system32\ias 資料夾內並執行

    3. 將產生好的 Ias.txt 複製到 Windows Server 2012 NPS 伺服器

    4. 執行 netsh nps import 完整路徑\ias.txt

    2015年7月31日 上午 03:48
  • Hi,

    關於Radius移轉知識與步驟,可以參考以下文章

    Migrate Network Policy Server to Windows Server 2012

    https://technet.microsoft.com/en-us/library/hh831652.aspx

    ===

    以下是主要內容

         

    1.       Preparing to Migrate
    a.       Select a file storage location where migration files will be kept. The storage location can be a network share that is accessible by both the source and destination server, or portable media that can be transferred from one server to another. Portable media is recommended because of data security.
    b.      Assign a temp computer name and IP address of the destination server. Logon with an Domain Admin or Local administrator account. 
    c.       Install the NPS role service on the destination server using the steps provided in Install Network Policy Server (NPS) (http://go.microsoft.com/fwlink/?LinkId=169633).
    d.      If the source server has non-Microsoft authentication methods installed, then install same authentication methods on the destination server using your vendor documentation before importing the source server configuration.
    e.      If the source server has extension DLLs installed, install the same extension DLLs on the destination server before importing the source server configuration. For more information, see Setting Up the Extension DLLs (http://go.microsoft.com/fwlink/?LinkId=169632). 
    f.        If the source server has non-Microsoft SHVs installed, then install same SHVs on the destination server using your vendor documentation before importing the source server configuration.

    2.       Migrating the NPS Server
    a.       Find migration tool C:\Windows\SysWOW64\iasmigreader.exe in your destination RADIUS server. Copy it to your file storage. 
    b.      Copy the migration tool to C:\ in your source server. 
    c.       In your source server, Open an elevated command prompt.
    d.      Navigate to C:\. Type iasmigreader and press enter. Then the migration tool will automatically exports the configuration settings of IAS on a computer running Windows Server 2003 to a text file, named as ias.txt under C:\Windows\SysWOW64\ias.
    e.      You must manually copy SQL log configuration settings on the source server to a file (example: sql.txt).
    To record these settings:
    i.         At the previous elevated command prompt, type ias.msc, and then press Enter.
    ii.       In the IAS console tree, click Remote Access Logging, right-click SQL Server, and then click Properties.
    iii.      Record the configuration settings on the Settings tab, and then click Configure.
    iv.     Manually record all configuration settings from the Connection and Advanced tabs by copying them into the sql.txt file. Alternatively, you can click the All tab and enter Name and Value settings displayed on each line into the sql.txt file. For a list of text logging and SQL configuration settings that you need to record manually, see NPS Server Migration: Appendix A - Data Collection Worksheet(http://technet.microsoft.com/en-us/library/hh831741.aspx). 
    f.        Copy ias.txt and sql.txt to your destination RADIUS server.
    g.       In your destination RADIUS server, open an elevated command prompt, type netsh nps import filename="path\ias.txt" and then press Enter. Replace path with the directory where the ias.txt file is located. 
    h.      If required, configure SQL accounting. To configure SQL accounting:
    i.         In the Server Manager console tree, click ALL SERVERS, then from the list of servers in the right pane, right-click the relevant server and select Network Policy Server.
    ii.       Click Accounting and then click Change SQL Server Logging Properties.
    iii.      Manually enter SQL settings from the sql.txt file that you created.

    3.       Post-migration Tasks
    a.       If the destination server uses the same host name and IP address as source server.
                  i.      Remove the source server from your Active Directory domain. Delete computer named with source server under AD Users and Computers -> Domain Name -> Computers. 
                  ii.      Shut down the source server.
                  iii.      Rename the destination server to the name of the source server and configure the same static IP address as that used by the source server. 

    b.      If the destination server uses different host name and IP address.
             NPS server name/ IP address should be updated on Remote RADIUS servers and RADIUS clients. It requires manual update of the configurations on RADIUS clients and Network Access Servers (NAS). Please refer to your RADIUS client configuration guide for more information.



    請記得將對您有幫助的回覆"標示為解答"以幫助其他尋找解答及參與社群討論的朋友們。

    Please remember to click Mark as Answer on the post that helps you. This can be beneficial to other community members reading the thread.



    • 已編輯 Molly Mao 2015年7月31日 上午 06:59
    2015年7月31日 上午 06:55
  • 非常感謝兩位前輩的指點

    想在請問一下

    在2003中的RADIUS中有遠端存取紀錄以及遠端存取原則

    在2012中沒發現這兩個地方

    請問該去哪做這兩個地方調整呢

    另外在2012上的NPS(本機)右邊有設定NAP選項

    是否一定要設定這邊才能使用呢

    2015年7月31日 上午 07:58
  • "遠端存取原則" 被放在 "網路原則" 中,安裝 "網路原則與存取服務角色" 的 "路由及遠端存取服務" 角色服務,就會有 "遠端存取紀錄"
    2015年7月31日 上午 09:49
  • 您好

    非常謝謝您的指點

    我在2012中選擇安裝"網路原則與存取服務角色"中 並無看到 "路由及遠端存取服務" 角色服務

    請問該去哪裡安裝此角色呢


    • 已編輯 ray11429 2015年8月3日 上午 06:09
    2015年8月3日 上午 02:56
  • "路由及遠端存取" 直接就在 "遠端存取" 的伺服器角色之中喔
    2015年8月3日 上午 05:24
  • 您好

    謝謝您的說明

    在遠端存取角色中有三個選項

    請問是安裝路由此選項嗎?

    2015年8月3日 上午 06:13