Register the NPS Server in Active Directory Domain Services

Applies To: Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2

When Network Policy Server (NPS) is a member of an Active Directory® Domain Services (AD DS) domain, NPS performs authentication by comparing user credentials that it receives from network access servers with the credentials that are stored for the user account in AD DS. In addition, NPS authorizes connection requests by using network policy and by checking user account dial-in properties in AD DS.

For NPS to have permission to access user account credentials and dial-in properties in AD DS, the server running NPS must be registered in AD DS.

Membership in Domain Admins , or equivalent, is the minimum required to complete this procedure.

To register the NPS server in the default domain by using the NPS console

  1. Log on to the NPS server by using an account that has administrative credentials for the domain.

  2. Open the NPS console.

  3. Right-click NPS (Local) , and then click Register server in Active Directory . When the Register Network Policy Server in Active Directory dialog box appears, click OK .

To register the NPS server in the default domain using the netsh command

  1. Log on to the NPS server by using an account that has administrative credentials for the domain.

  2. Open Command Prompt .

  3. At the command prompt, type netsh ras add registeredserver , and then press ENTER.

To register the NPS server in the default domain using Active Directory Users and Computers

  1. Log on to the NPS server by using an account that has administrative credentials for the domain.

  2. Open the Active Directory Users and Computers Microsoft Management Console (MMC) snap-in.

  3. In the console tree, click the Users folder in the appropriate domain.

  4. In the details pane, right-click RAS and IAS Servers , and then click Properties .

  5. In the RAS and IAS Servers Properties dialog box, on the Members tab, add each of the NPS servers.

    You can also add the NPS server to the RAS and IAS Servers group by using the Dsmod tool.

To register the NPS server in another domain using Active Directory Users and Computers

  1. Log on to the NPS server by using an account that has administrative credentials for the domain.

  2. Open the Active Directory Users and Computers snap-in.

  3. In the console tree, click the Users folder in the appropriate domain.

  4. In the details pane, right-click RAS and IAS Servers , and then click Properties .

  5. In the RAS and IAS Servers Properties dialog box, on the Members tab, add each of the NPS servers.

    You can also add the NPS server to the RAS and IAS Servers group by using the Dsmod tool.

To register the NPS server in another domain by using the netsh command

  1. Log on to the NPS server by using an account that has administrative credentials for the domain.

  2. Open Command Prompt .

  3. At the command prompt, type netsh ras add registeredserver DomainNPSServer , where Domain is the Domain Name System (DNS) name of the domain and NPSServer is the name of the NPS server computer.

Note

To open Active Directory Users and Computers, click Start , click Control Panel , double-click Administrative Tools , and then double-click Active Directory Users and Computers .

Note

To open a command prompt, click Start , point to All programs , point to Accessories , and then click Command prompt .