Jaa


Remote RADIUS Server Group Commands

Applies To: Windows Server 2008

This section contains the following commands.

  • add remoteserver

  • add remoteservergroup

  • delete remoteserver

  • delete remoteservergroup

  • rename remoteserver

  • rename remoteservergroup

  • reset remoteserver

  • reset remoteservergroup

  • set remoteserver

  • show remoteserver

  • show remoteservergroup

For information on how to interpret netsh command syntax, see Formatting Legend.

Remote RADIUS Server Group commands

The following entries provide details for each command.

add remoteserver

Adds a RADIUS server to a remote RADIUS server group.

Syntax

add remoteserver [ remoteservergroup = ] remoteservergroup [ address = ] address [ [ acctport = ] acctport [ authport = ] authport [ acctsharedsecret = ] acctsharedsecret [ authsharedsecret = ] authsharedsecret [ requireauthattrib = ] Yes | No [ priority = ] priority [ weight = ] weight [ timeout = ] timeout [ maxdropped = ] maxdropped [ blackout = ] blackout [ notifications = ] Yes | No ]

Parameters

  • remoteservergroup
    Required. Specifies the name of the remote RADIUS server group to which you want to add a RADIUS server.
  • address
    Required. Specifies the Fully Qualified Domain Name (FQDN) or IP address of the RADIUS server that you want to add to the remote RADIUS server group.
  • acctport
    Optional. Specifies the UDP ports that are used for RADIUS accounting messages. The defaults are 1813 and 1646.
  • authport
    Optional. Specifies the User Datagram Protocol (UDP) ports that are used for RADIUS authentication messages. The defaults are 1812 and 1645.
  • acctsharedsecret
    Optional. Specifies the shared secret used for RADIUS accounting messages.
  • authsharedsecret
    Optional. Specifies the shared secret used for RADIUS authentication messages.
  • requireauthattrib
    Optional. Specifies whether use of the message authenticator attribute is used for verification and is required for RADIUS Access-Request messages. If you specify Yes, verification of messages is required by the RADIUS server you are adding to a remote RADIUS server group. If you specify No, verification of messages is not required. The default value is Yes.
  • priority
    Optional. Specifies whether the server is a primary or backup server. Primary servers are specified as one. The default value is one (primary). The value must be between one and 65535.
  • weight
    Optional. Specifies the frequency with which requests are sent to servers in that priority group. The default value is 50. The value must be between one and 65535.
  • timeout
    Optional. Specifies the maximum non-responsive time, in seconds, before the request is considered dropped. The value must be equal to or less than the blackout value. The default value is three.
  • maxdropped
    Optional. Specifies the maximum number of requests that can be dropped before the server is considered to be unavailable. The default value is five.
  • blackout
    Optional. Specifies the time that elapses between requests, in seconds, before the server is considered unavailable. The default is 30.
  • notifications
    Optional. Specifies whether the RADIUS server forwards start and stop notifications. If you specify Yes, the RADIUS server forwards notifications. If you specify No, the RADIUS server does not forward notifications. The default value is Yes.

Example

The following example adds a RADIUS server named nps-01.example.com to a remote RADIUS server group named Servers1.

add remoteserver remoteservergroup = "Servers1" address = nps-01.example.com

add remoteservergroup

Adds a remote RADIUS server group to which you want to forward connection requests.

Syntax

addremoteservergroup [name =] name

Parameters

  • name
    Required. Specifies the name of the remote RADIUS server group that you want to add to the Network Policy Server (NPS) configuration.

delete remoteserver

Deletes the specified RADIUS server from the specified remote RADIUS server group.

Syntax

delete remoteserver [remoteservergroup =] remoteservergroup [address = ] address

Parameters

  • remoteservergroup
    Required. Specifies the name of the remote RADIUS server group from which you want to delete a server.
  • address
    Required. Specifies the FQDNor the IP address of the RADIUS server that you want to delete from the remote RADIUS server group.

delete remoteservergroup

Deletes a remote RADIUS server group from the NPS server configuration. If you delete a remote RADIUS server group, all RADIUS servers contained within the group are deleted.

Syntax

delete remoteservergroup [name =] name

Parameters

  • name
    Required. Specifies the name of the remote RADIUS server group that you want to delete.

Example

The following example deletes a remote RADIUS server group named Servers1 from the NPS server configuration.

delete remoteservergroup name = Servers1

rename remoteserver

Specifies a new FQDN or IP address for an existing remote RADIUS server that is a member of an existing remote RADIUS server group.

Syntax

rename remoteserver [ remoteservergroup = ] remoteservergroup [ address = ] address [ newaddress = ] newaddress

Parameters

  • remoteservergroup
    Required. Specifies the name of the remote RADIUS server group that contains the remote RADIUS server that you want to rename.
  • address
    Required. Specifies the FQDNor the IP address of the RADIUS server that you want to rename.
  • newaddress
    Required. Specifies the new FQDN or IP address of the RADIUS server that you want to rename.

Example

The following example changes the name of the server Server1.adatum.com in the remote RADIUS server group Servers1 to RADIUS-01. adatum.com.

rename remoteserver remoteservergroup = "Servers1" address = "Server1.adatum.com" newaddress = "RADIUS-01.adatum.com"

rename remoteservergroup

Renames the specified remote RADIUS server group.

Syntax

rename remoteservergroup [ name = ] name [newname =] new name

Parameters

  • name
    Required. Specifies the name of the remote RADIUS server group that you want to rename.
  • newname
    Required. Specifies the new name for the remote RADIUS server group.

Example

The following example changes the name of a remote RADIUS server group from Servers1 to Servers2.

rename remoteservergroup name = Servers1 newname = Servers2

reset remoteserver

Deletes the remote RADIUS servers configured in the specified remote RADIUS server group.

Syntax

reset remoteserver [ remoteservergroup = ] remoteservergroup

Parameters

  • remoteservergroup
    Required. Specifies the name of the remote RADIUS server group that contains the remote RADIUS servers you want to delete from the group.

reset remoteservergroup

Deletes the remote RADIUS server groups and restores the default configuration of NPS server remote RADIUS server groups, which contains no groups.

Syntax

reset remoteservergroup

set remoteserver

Changes the value of one or more properties of an existing RADIUS server that is a member of the specified remote RADIUS server group. Values specified by this command overwrite the existing values. This command cannot be used to change the name of the remote RADIUS server group. To rename a group, use the command rename remoteservergroup.

set remoteserver [ remoteservergroup = ] remoteservergroup [ address = ] address [ [ acctport = ] acctport [ authport = ] authport [ acctsharedsecret = ] acctsharedsecret [ authsharedsecret = ] authsharedsecret [ requireauthattrib = ] Yes | No [ priority = ] priority [ weight = ] weight [ timeout = ] timeout [ maxdropped = ] maxdropped [ blackout = ] blackout [ notifications = ] Yes | No ]

Syntax

Parameters

  • remoteservergroup
    Required. Specifies the name of the remote RADIUS server group whose configuration you want to change.
  • address
    Required. Specifies the FQDNor IP address of the RADIUS server that you want to modify.
  • acctport
    Optional. Specifies the UDP ports that are used for RADIUS accounting messages by the RADIUS server you specify with address. The defaults are 1813 and 1646.
  • authport
    Optional. Specifies the UDP ports that are used for RADIUS authentication messages by the RADIUS server you specify with address. The defaults are 1812 and 1645.
  • acctsharedsecret
    Optional. Specifies the shared secret that is used for accounting messages by the RADIUS server you specify with address.
  • authsharedsecret
    Optional. Specifies the shared secret that is used for authentication messages by the RADIUS server you specify with address.
  • requireauthattrib
    Optional. Specifies whether verification for Access-Request messages is enabled or disabled on the RADIUS server you specify with address. If you specify Yes, verification is enabled. If you specify No, verification is disabled. The default is disabled, or No.
  • priority
    Optional. Specifies whether the RADIUS server you designate with address is a primary or backup server. Primary servers are specified as one. The default value is one (primary). The value must be between one and 65535.
  • weight
    Optional. Specifies the frequency with which requests are sent to servers in that priority group. The default value is 50. The value must be between 1 and 65535.
  • timeout
    Optional. Specifies the maximum non-response time, in seconds, before the request is considered dropped by the RADIUS server you specify with address. The value must be equal to or less than the blackout value. The default value is three.
  • maxdropped
    Optional. Specifies the maximum number of requests that can be dropped before the server is considered to be unavailable. The default value is five.
  • blackout
    Optional. Specifies the time that elapses between requests, in seconds, before the server is considered unavailable. The default is 30.
  • notifications
    Optional. Specifies whether network access server start and stop notifications are forwarded. If you specify Yes, notifications are forwarded. If you specify No, notifications are not forwarded. The default is Yes.

show remoteserver

Displays the properties of a RADIUS server that is a member of the specified remote RADIUS server group. The following RADIUS server properties are displayed: authentication and accounting UDP ports; shared secret (displayed as asterisks only); priority; weight; timeout; max dropped requests; blackout time.

Syntax

show remoteserver [remoteservergroup =] remoteservergroup

Parameters

  • remoteservergroup
    Required. Specifies the name of the remote RADIUS server group of which the RADIUS server is a member.

show remoteservergroup

Displays the list of RADIUS servers configured in all remote RADIUS server groups.

Syntax

show remoteservergroup

See Also

Concepts

NPS Server Commands
RADIUS Client Commands
Connection Request Policy Commands
Network Policy Commands
Network Access Protection Commands for NPS
Accounting Commands