Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.
One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.
Solved
IAS : Migration and requirement
Posted on 2007-12-01
I am upgrading our Active Directory from Windows 2000 to Windows 2003 R2. There is a 2000 DC with IAS-RADIUS server running doing authentication for CISCO WAP devices. I will be demoting that server and I would like move that IAS service to a Windows 2003 server. Questions:
1- Do you know the steps to migrate IAS settings from 2000 to a 2003 server? I already found the steps from 2000 to 2000 bu there is a disclaimer about not working when moving to a 2003 server. Here: http://www.webservertalk.com/archive123-2004-10-357884.html
2- Is it required for IAS to run on a Domain Controller and not just a member server? The reason I ask is due to this KB Article:http://support.microsoft.com/kb/317588
Thanks
1- Do you know the steps to migrate IAS settings from 2000 to a 2003 server? I already found the steps from 2000 to 2000 bu there is a disclaimer about not working when moving to a 2003 server. Here: http://www.webservertalk.com/archive123-2004-10-357884.html
2- Is it required for IAS to run on a Domain Controller and not just a member server? The reason I ask is due to this KB Article:http://support.microsoft.com/kb/317588
Thanks
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
2
3 Comments
Active 1 day ago
1. as per the following MS official document, "the configuration of IAS servers running on products in the Windows 2000 server family can be imported into products in the Windows Server 2003 family with set config. The reverse, however, is not possible."
Netsh commands for AAAA
http://technet2.microsoft.com/WindowsServer/en/Library/9ffd261c-62e4-4f41-aa35-2790bd2534771033.mspx
2. you may run IAS on a member server. actually, installing an IAS on a domain controller is a bit unusual. that's probably why MS published two KB articles regarding "how to configure a Primary/Secondary Internet Authentication Service Server on a Domain Controller."
hope it helps,
bbao
Netsh commands for AAAA
http://technet2.microsoft.com/WindowsServer/en/Library/9ffd261c-62e4-4f41-aa35-2790bd2534771033.mspx
2. you may run IAS on a member server. actually, installing an IAS on a domain controller is a bit unusual. that's probably why MS published two KB articles regarding "how to configure a Primary/Secondary Internet Authentication Service Server on a Domain Controller."
hope it helps,
bbao
Active 1 day ago
basically, where to put an IAS depends on your security architecture. you have to find a tradeoff between security and performance. for example, installing IAS on DC avoids the traffic between IAS and DC, but it allows IAS clients to "touch" the DC where stores the most sensitive credentials of an organization.
hope it helps,
bbao
hope it helps,
bbao
Featured Post
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
In a recent article here at Experts Exchange (http://www.experts-exchange.com/articles/18880/PaperPort-14-in-Windows-10-A-First-Look.html), I discussed my nine-month sandbox testing of the Windows 10 Technical Preview, specifically with respect to r…
Our Group Policy work started with Small Business Server in 2000. Microsoft gave us an excellent OU and GPO model in subsequent SBS editions that utilized WMI filters, OU linking, and VBS scripts. These are some of experiences plus our spending a lo…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Want to learn how to record your desktop screen without having to use an outside camera. Click on this video and learn how to use the cool google extension called "Screencastify"!
Step 1: Open a new google tab
Step 2: Go to the left hand upper corn…
Suggested Courses
Course of the Month4 days, 19 hours left to enroll
670 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.