Share via

How Can I join an on-premise RADIUS server to Azure AD without having active directory on-premise

Mohammed Shankar 0 Reputation points
2023-11-29T21:08:40.6166667+00:00

Hi

i'd like to link my on-prem RADIUS server with AAD , my active directory on Azure. is there any way to do this way?

Windows for business | Windows Server | Devices and deployment | Set up, install, or upgrade
Microsoft Security | Microsoft Entra | Microsoft Entra ID

3 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Konstantinos Passadis 19,591 Reputation points MVP
    2023-11-29T21:18:26.17+00:00

    Hello @mohammed shankar !

    Welcome to Microsoft QnA!

    For a Radius Server to work you can do it only with Azure Domain Services

    Azure AD Domain Services provides managed domain services such as domain join, group policy, LDAP, and Kerberos/NTLM authentication. You need to enable AAD DS in your Azure environment.

    Azure AD does not support the Radius implementation

    If you could provide more details on the purpose we may provide a way but in general LDAP is not supported on Azure AD - Entra ID , only via Azure Domain Services

    https://azure.microsoft.com/en-us/products/active-directory-ds

    https://learn.microsoft.com/en-au/azure/active-directory-domain-services/tutorial-configure-ldaps

    I hope this helps!

    Kindly mark the answer as Accepted and Upvote in case it helped!

    Regards

  2. JimmySalian-2011 42,511 Reputation points
    2023-11-29T21:20:42.1666667+00:00

    Hi Mohammad,

    Yes you can try the handing off authentication requests via the Radius to Azure AD and check the configuration process here - https://learn.microsoft.com/en-us/entra/architecture/auth-radius

    Hope this helps.

    JS

    ==

    Please Accept the answer if the information helped you. This will help us and others in the community as well.

    0 comments
  3. Konstantinos Passadis 19,591 Reputation points MVP
    2023-11-29T21:39:26.2166667+00:00

    Hello @mohammed shankar !

    In that case you can integrate using the NPS Extension

    https://learn.microsoft.com/en-us/entra/architecture/auth-radius

    Use when: 

    You need to add multifactor authentication to applications like

    • a Virtual Private Network (VPN)
    • WiFi access
    • Remote Desktop Gateway (RDG)
    • Virtual Desktop Infrastructure (VDI)
    • Any others that depend on the RADIUS protocol to authenticate users into the service.

    Note

    Rather than relying on RADIUS and the Microsoft Entra multifactor authentication NPS extension to apply Microsoft Entra multifactor authentication to VPN workloads, we recommend that you upgrade your VPN’s to SAML and directly federate your VPN with Microsoft Entra ID. This gives your VPN the full breadth of Microsoft Entra ID Protection, including Conditional Access, multifactor authentication, device compliance, and Identity Protection.

    I hope this helps!

    Kindly mark the answer as Accepted and Upvote in case it helped!

    Regards

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.