RADIUS and Azure AD

Raffael Luthiger 26 Reputation points
2020-01-13T14:18:41.543+00:00

Is it somehow possible to have RADIUS capabilities with Azure AD? Or do I have to install my own RADIUS server which is then sending LDAP requests to Azure AD? Or what other options do I have when I want to authenticate on switches and access points with Azure AD?

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,094 questions
0 comments No comments
{count} votes

Accepted answer
  1. AmanpreetSingh-MSFT 56,441 Reputation points
    2020-01-13T15:14:31.447+00:00

    @Raffael Luthiger You can use NPS Extension to use RADIUS capabilities with Azure AD. Azure AD doesn't understand LDAP and works with REST (REpresentational State Transfer). REST is web standards based architecture and uses HTTP Protocol. NPS Extension converts RADIUS calls to REST calls to allow it to work with Azure AD.

    -----------------------------------------------------------------------------------------------------------

    Please "accept as answer" wherever the information provided helps you to help others in the community.

    1 person found this answer helpful.

5 additional answers

Sort by: Most helpful
  1. AmanpreetSingh-MSFT 56,441 Reputation points
    2020-05-08T08:21:54.473+00:00

    @Muhammed Suhail NPS cannot do Primary Auth with AAD, it has to be on-prem AD. Only second factor authentication can be done with AAD. The reason is NPS extension converts RADIUS calls to REST calls that AAD understands. NPS extension comes into picture after Primary Auth is done by NPS server and NPS server cannot convert RADIUS calls to REST calls.

    1 person found this answer helpful.
    0 comments No comments

  2. Anuj Rana 211 Reputation points
    2020-05-08T16:54:12.73+00:00

    If there is no Active Directory and you want to use NPS extension to perform MFA, you can setup Azure AD Domain Service instance. Join your NPS ext server to Azure AD domain services domain and your users should be able to use their Azure AD credentials for Primary Authentication. Let me know if this helps or any questions around it.

    1 person found this answer helpful.

  3. Warren Dilley 1 Reputation point
    2020-03-27T00:07:55.213+00:00

    Is it possible to run FreeRadius as a container in Azure and have it authenticate against Azure AD and/or AADDS?


  4. Muhammed Suhail 1 Reputation point
    2020-05-04T15:32:44.87+00:00

    @AmanpreetSingh-MSFT @Pierre Audonnet - MSFT , What if there is no on-premises Active Directory to perform the primary authentication for the RADIUS ?
    Can NPS do primary authentication with AAD ?

    0 comments No comments