Solved

RADIUS ISSUE - DIMMED OPTION QUERY

Posted on 2011-03-03
5
231 Views
Last Modified: 2012-05-11
Hi ive been following instructions to setup on my win 2003 server dc a radius server which was straight forward but the part im stuck on is:

Windows Server 2003:  For Windows Server 2003, user permission is specified in the Remote Access Policy that is configured in the Internet Authentication Service.  As shown above! For Configuring Remote Access Policy.

1. Right click on a user and select Properties. The User Properties window opens.
2. In the Dial-In tab, select the "Control access through Remote Access Policy" radio button in the Remote Access Permission (Dial-in or VPN) section.  - but this option is dimmed out! why?
0
Comment
Question by:mikey250
  • 4
5 Comments
 
LVL 13

Accepted Solution

by:
agarwalrahul earned 500 total points
ID: 35030040
If “Control Access through Remote Access Policy” is grayed out then your domain functional level is probably set to Windows 2000. To enable it, right click on your domain name in Active Directory and select Raise Domain Functional Level. Choose Windows 2003 from the drop down list and press Apply. Once you are done, you will be able to select “Control Access through Remote Access Policy”.

Note: Before raising the Domain functional level check if your network has any NT based servers and/or Win 95/98 based clients. Once you raise the functional level to 2003 Native mode these machines wont connect and you wont be able to go back to Windows 2000 Level.
0
 

Author Comment

by:mikey250
ID: 35035152
hi just switching my server on now to check, but when i install everything i always install server as win 2003 as have no win 2000 components!
0
 

Author Comment

by:mikey250
ID: 35035161
nope know other machines except win 2003 configured exactly the same although just a standalone server, so presumably i should raise domain functional level the same way as have no intention of using nt based servers win 95/98.  Not that i am using them because i am not, but presumably vista, xp & win 7 is ok?
0
 

Author Comment

by:mikey250
ID: 35035200
the reason for asking my main question is because ive setup radius server on the same master dc, and installed and followed instructions which continued on from radius for IAS.

the thing that confused me was that i found some instructions about configured remote policy for win 2003 but the instructions weren't exact but realised it was because i did not install 'Routing & Remote Access' and then the instructions look straight forward, although ive stopped at this point!!!...

ive just checked and you were right it was set to win 2000, how it that so?
0
 

Author Comment

by:mikey250
ID: 35035355
yes - the option "Control access through Remote Access Policy" - is no longer dimmed and as per instruction i accessed IAS and right clicked the 'remote access policy' i created earlier specific for 'radius' and selected 'grant remote access permission'.

I know i never mentioned this below in my main thread but this is what im trying to do!!

although my client pc is plugged into the local switch im assuming this will not be a problem?

as i have configured the radius/ias/remote access policy correctly - i think!!! - im assuming if i was a remote user it would now allow that user to logon ?

one thing is puzzling me, im thinking i need to ALSO activate 'Remote Routing Access' for VPN as when a user logs on it will be the VPN that the connection travels through in-conjunction with the above configurations?

when  a user logs on will i be able to check or see something to know it was configured correctly?
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

Preface Having the need * to contact many different companies with different infrastructures * do remote maintenance in their network required us to implement a more flexible routing solution. As RAS, PPTP, L2TP and VPN Client connections are no…
Many of us need to configure DHCP server(s) in their environment. We can do that simply via DHCP console on server or using MMC snap-in on each computer with Administrative Tools installed in a network. But what if we have to configure many DHCP ser…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now