NPS authentication and management

matteu31 467 Reputation points
2021-05-04T12:30:53.38+00:00

Hello,

I have a customer with NPS role installed on DC01 and radius client + radius server configured.
Radius client are wifi controller and radius server is fortigate

On his policy connexion settings I don't understand exactly how it works.
On transfert connexion :
-Authentication : On this server
-Management : On the fortigate.

I understand authentication is done on the domain controller (with active directory I suppose ?) and logs are copied to the fortigate.

Am I right or wrong ? I don't understand really if DC01 is proxy radius or radius server in the environment.

Thank you for your help.

Windows Server Security
Windows Server Security
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
1,701 questions
{count} votes

7 answers

Sort by: Most helpful
  1. Candy Luo 12,646 Reputation points Microsoft Vendor
    2021-05-06T09:21:46.35+00:00

    I don't understand what accounting do really

    NPS accounting is used to logging user authentication and accounting requests. Accounting data can also assist with network access troubleshooting.

    As picture below:

    94250-image.png

    0 comments No comments

  2. matteu31 467 Reputation points
    2021-05-06T09:28:09.623+00:00

    Thank you for your answer.

    What do you mean exactly by accounting request ?

    I try to know what's the difference... My DC is used for authentication here but network policy is not done by the DC but by the firewall right?
    If for authentication I change to fortigate, that means fortigate will check on his local account if the user / password is good ?
    And if I change accounting to be done locally , network policy will be done by the DC ?

    Yes, I saw the logs on the DC to on c:\windows\logFiles with INXXXX generated each month.

    0 comments No comments