Enable the IAS server to read user accounts in Active Directory

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

To enable the IAS server to read user accounts in Active Directory

To register the IAS server in the default domain using Internet Authentication Service:

  1. Log on to the IAS server with an account that has administrative credentials for the domain.

  2. Open Internet Authentication Service.

  3. Right-click Internet Authentication Service, and then click Register Server in Active Directory. When the Register Internet Authentication Service in Active Directory dialog box appears, click OK.

To register the IAS server in the default domain using the netsh command:

  1. Log on to the IAS server with an account that has administrative credentials for the domain.

  2. Open Command Prompt.

  3. At the command prompt, type: netsh ras add registeredserver

To register the IAS server in the default domain using Active Directory Users and Computers:

  1. Log on to the IAS server with an account that has administrative credentials for the domain.

  2. Open Active Directory Users and Computers.

  3. In the console tree, click the Users folder in the appropriate domain.

  4. In the details pane, right-click RAS and IAS Servers, and then click Properties.

  5. In the RAS and IAS Servers Properties dialog box, on the Members tab, add each of the IAS servers.

To register the IAS server in another domain using Active Directory Users and Computers:

  1. Log on to the IAS server with an account that has administrative credentials for the domain.

  2. Open Active Directory Users and Computers.

  3. In the console tree, click the Users folder in the appropriate domain.

  4. In the details pane, right-click RAS and IAS Servers, and then click Properties.

  5. In the RAS and IAS Servers Properties dialog box, on the Members tab, add each of the IAS servers.

To register the IAS server in another domain using the netsh command:

  1. Log on to the IAS server with an account that has administrative credentials for the domain.

  2. Open Command Prompt.

  3. At the command prompt, type netsh ras add registeredserver Domain IASServer, where Domain is the DNS domain name of the domain and IASServer is the name of the IAS server computer.

Notes

  • To open Internet Authentication Service, click Start, click Control Panel, double-click Administrative Tools, and then double-click Internet Authentication Service.

  • To open Active Directory Users and Computers, click Start, click Control Panel, double-click Administrative Tools, and then double-click Active Directory Users and Computers.

  • To open a command prompt, click Start, point to All programs, point to Accessories, and then click Command prompt.

  • After you register the service in Active Directory, you can verify the security settings. For more information, see Related Topics.

  • You can add the IAS server to the RAS and IAS Servers group with the Dsmod tool.

  • For more information about how to use IAS or Routing and Remote Access servers as stand-alone servers or member servers in Windows NT 4.0 domains, Windows 2000 mixed domains, Windows 2000 native domains, and Windows Server 2003 domains, see the links below.

Information about functional differences

  • Your server might function differently based on the version and edition of the operating system that is installed, your account permissions, and your menu settings. For more information, see Viewing Help on the Web.

See Also

Concepts

Verify permissions for the RAS and IAS security group
Stand-alone server
Member server in a domain
Dsmod
Domain and forest functionality