Best practice in setting up NPS

fm22 101 Reputation points

Just wanted to know is it best practice to install RADIUS authentication server (NPS) to each DHCP server that you have on your environment? To minimize or load balance the authentication request

Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
12,237 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Wesley Li-MSFT 4,381 Reputation points Microsoft Vendor


    Yes, it is considered a good practice to install Network Policy Server (NPS) as a RADIUS server on all of your domain controllers to effectively balance the load of traffic. Here are some best practices for deploying and managing NPS:

    Install NPS on Domain Controllers: To effectively balance the load of traffic, install NPS as a RADIUS server on all of your domain controllers.

    Configure NPS Proxies: Configure two or more NPS proxies to forward the authentication requests between the access servers and the RADIUS servers.

    Configure Access Servers: Configure your access servers to use the NPS proxies as RADIUS servers.

    Use Individual Certificates: Provide an individual certificate to each RADIUS server. You can assign a unique name in each certificate (RADIUS server’s host name, for example), or use a generic common name in all RADIUS certificates.