Скачати 326.71 Kb.
Windows Server 2008 Network Policy Server (NPS) Operations Guide
Published: April 2008
Author: James McIllece
Editor: Scott Somohano
The Network Policy Server Operations Guide provides information about how to administer NPS after it is installed and deployed. It also includes troubleshooting information for specific problems and scenarios.
The information contained in this document represents the current view of Microsoft Corporation on the issues discussed as of the date of publication. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information presented after the date of publication.
This White Paper is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS DOCUMENT.
Complying with all applicable copyright laws is the responsibility of the user.
Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property.
Unless otherwise noted, the example companies, organizations, products, domain names, e-mail addresses, logos, people, places, and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, e-mail address, logo, person, place, or event is intended or should be inferred.
Your right to copy this documentation is limited by copyright law and the terms of the software license agreement. As the software licensee, you may make a reasonable number of copies or printouts for your own use. Making unauthorized copies, adaptations, compilations, or derivative works for commercial distribution is prohibited and constitutes a punishable violation of the law.
© 2008 Microsoft Corporation. All rights reserved.
Microsoft, Active Directory, Windows, Windows NT, and Windows Server are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries.
All other trademarks are property of their respective owners.
Windows Server 2008 Network Policy Server (NPS) Operations Guide 1
Network Policy Server Operations Guide 7
Windows Server 2008 Editions and NPS 7
Windows Server 2008 Enterprise and Datacenter Editions 7
Windows Server 2008 Standard Edition 7
Windows Web Server 2008 8
NPS resources 8
Introduction to Administering NPS 8
When to use this guide 8
How to use This guide 9
Best Practices for NPS 9
Client computer configuration 10
Security issues 10
Optimizing NPS 12
Using NPS in large organizations 12
Network Access Protection (NAP) 13
Administering NPS 14
Managing NPS Servers 14
Administer NPS by Using Tools 15
Enable Remote Administration of an NPS Server 15
Enter the Netsh NPS Context on an NPS Server 16
Installing NPS 16
Install Network Policy Server (NPS) 17
Install NPS by Using the Add Role Services Wizard 18
Manage an NPS Server by Using Remote Desktop Connection 19
Manage Multiple NPS Servers by Using the NPS MMC Snap-in 20
Configure the Local NPS Server by Using the NPS Console 21
Configure NPS on a Multihomed Computer 21
Configure NPS UDP Port Information 23
Disable NAS Notification Forwarding 24
Export an NPS Server Configuration for Import on Another Server 24
Increase the Number of NPS Concurrent Authentications 26
Interpret NPS Database Format Log Files 26
Entries recorded in database-compatible log files 27
Interpret Windows System Health Validator Entries in Log Files 34
Diagnostic codes 35
Error codes 36
Determining the client operating system 38
Example log file entries 38
First example log file entry 39
Second example log file entry 40
Register an NPS Server in Another Domain 41
Register an NPS Server in its Default Domain 41
Unregister an NPS Server from its Default Domain 42
Verify Configuration After an NPS Server IP Address Change 42
Verify Configuration After Renaming an NPS Server 44
Managing Certificates Used with NPS 45
Change the Cached TLS Handle Expiry 45
Configure the TLS Handle Expiry Time on Client Computers 46
Configure the TLS Handle Expiry Time on NPS Servers 47
Obtain the SHA-1 Hash of a Trusted Root CA Certificate 47
Managing RADIUS Clients 48
Set up RADIUS Clients 49
Configure the Network Access Server 50
Add the Network Access Server as a RADIUS Client in NPS 50
Set up RADIUS Clients by IP Address Range 51
Managing Network Policies 53
An ordered list of rules 53
Configure NPS for VLANs 54
Configure a Network Policy for VLANs 55
Configure the EAP Payload Size 56
Configure the Framed-MTU Attribute 56
Configure NPS to Ignore User Account Dial-in Properties 57
|Step-by-Step Guide for Configuring Network Load Balancing with Terminal Services: Windows Server 2008||Step-by-Step Guide for Configuring a Two-Node File Server Failover Cluster in Windows Server 2008|
|Step-by-Step Guide for Configuring a Two-Node Print Server Failover Cluster in Windows Server 2008||Server Core Installation Option of Windows Server 2008 Step-By-Step Guide|
|Step-by-Step Guide for File Server Resource Manager in Windows Server 2008||Step-by-Step Guide for Windows Deployment Services in Windows Server 2008|
|Step-by-Step Guide for Storage Manager for sans in Windows Server 2008||Services for nfs step-by-Step Guide for Windows Server 2008|
|Windows Server 2008 Active Directory Certificate Services Step-By-Step Guide||Windows Server 2008 ts licensing Step-By-Step Guide|