Configure NPS to Use the Security Accounts Manager Database

Applies To: Windows Server 2008

Configure NPS to use the SAM database

When you install Network Policy Server (NPS) as a member server in an Active Directory® domain, it is configured by default to use the Active Directory user accounts database to authenticate and authorize connection requests.

In some cases, you might want to use the local Security Accounts Manager (SAM) database instead of the Active Directory user accounts database for the authentication and authorization of connection requests.

If the NPS server is not joined to a domain, NPS uses the SAM database by default.

Note

The SAM database is also called Local Users and Groups. You can manage user accounts for Local Users and Groups by using the Computer Management console on the local computer. To open Computer Management, click Start, click Administrative Tools, and then click Computer Management.

To configure a domain-member NPS server to use the SAM database on the local computer, configure the following registry key with the name of the local computer:

System\CurrentControlSet\Services\RasMan\PPP\ControlProtocols\BuiltIn\DefaultDomain

For example, if the name of your NPS server is NPS-01, configure the default domain registry key with the string value NPS-01.

Warning

Incorrectly editing the registry can severely damage your system. Before making changes to the registry, you should back up any valued data on the computer.