What's New in Network Policy Server (NPS)

Applies To: Windows Server 2008 R2

What are the major changes?

Network Policy Server (NPS) provides the following new features in Windows Server® 2008 R2:

  • NPS templates and Templates Management. NPS templates allow you to create NPS server configuration elements, such as Remote Authentication Dial-In User Service (RADIUS) clients or shared secrets, that you can reuse on the local server running NPS and export for use on other NPS servers. Templates Management provides a node in the NPS console where you can create, modify, and save templates. In addition, you can export templates for use on other NPS servers, or import templates into Templates Management for use on the local computer.

  • RADIUS accounting improvements. These improvements include a new accounting configuration wizard that allows you to easily configure Microsoft SQL Server® logging, text file logging, or combinations of these two logging types. In addition, you can use the wizard to automatically configure an NPS database on a local or remote computer running SQL Server.

  • Full support for international, non-English character sets using UTF-8 encoding. In compliance with the Internet Engineering Task Force (IETF) request for comments (RFC) 2865, NPS processes the value of the User-Name attribute in a connection request using 8-bit Unicode Transformation Format (UTF-8) encoding. The User-Name attribute includes the user or computer identity and the realm. Optionally, a registry key can be used to cause NPS to process the value of the User-Name attribute in American Standard Code for Information Interchange (ASCII) format.

Who will be interested in these features?

Network administrators, system administrators, and network architects that centrally manage network access by using NPS will be interested in these features.

Are there any special considerations?

Following are special considerations for using new NPS features:

  • All NPS servers upon which you want to use the new features listed above must be running a Windows Server 2008 R2 operating system.

  • To deploy SQL Server logging, you must purchase, install, and configure Microsoft SQL Server.

Which editions include Network Policy Server?

NPS is available as a role service of the Network Policy and Access Services role in the Windows Server® 2008 R2 Standard operating system, Windows Server® 2008 R2 Enterprise operating system, and the Windows Server® 2008 R2 Datacenter operating system.

Does Network Policy Server function differently in some editions?

NPS provides different functionality depending on the edition of Windows Server 2008 R2 that you install:

  • Windows Server 2008 R2 Enterprise and Windows Server 2008 R2 Datacenter. These server editions include NPS. With NPS in Windows Server 2008 R2 Enterprise and Windows Server 2008 R2 Datacenter, you can configure an unlimited number of RADIUS clients and remote RADIUS server groups. In addition, you can configure a group of RADIUS clients by specifying an IP address range.

  • Windows Server 2008 R2 Standard. This server edition includes NPS. With NPS in Windows Server 2008 R2 Standard, you can configure a maximum of 50 RADIUS clients and a maximum of two remote RADIUS server groups. You can define a RADIUS client by using a fully qualified domain name or an IP address, but you cannot define groups of RADIUS clients by specifying an IP address range. If the fully qualified domain name of a RADIUS client resolves to multiple IP addresses, the NPS server uses the first IP address returned in the Domain Name System (DNS) query.

  • Windows® Web Server 2008 R2. This server edition does not include NPS.