Configuring IAS for WPS Technology

  • Article

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

For all scenarios in this paper, whether you are deploying IAS as a RADIUS proxy or IAS as a RADIUS server, you must configure IAS to be compatible with WPS technology by creating the EnableWPSCompatibility registry entry. When you configure and enable this registry entry, and then open a connection request policy profile in the IAS console, connection request policy user interface elements that allow you to configure Protected Extensible Authentication Protocol (PEAP) become visible.

To configure EnableWPSCompatibility

  1. Open Registry Editor.

  2. Browse to the following registry path:

    HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\RemoteAccess\Policy

  3. Right-click the Policy key, click New, and then click DWORD value.

  4. A new value is added to the details pane, with the default name of the value highlighted for editing. Replace the default name by typing EnableWPSCompatibility, then press Enter.

  5. Right-click EnableWPSCompatibility, and then click Modify.

  6. In Edit DWORD value, in Value data, change the integer to 1. The default value is 0 (disabled). All values other than 1 (enabled) are treated as 0 (disabled).

To verify that EnableWPSCompatibility is enabled

  1. Open the IAS console.

  2. Double-click Connection Request Processing, and then click Connection Request Policies.

  3. In the right pane, double-click the default connection request policy, named Use Windows authentication for all users, and then click Edit Profile. The Edit Profile dialog box opens.

  4. On the Authentication tab, below Authenticate requests on this server, you can see the Protected EAP check box.

To verify that EnableWPSCompatibility is disabled

  1. Open the IAS console.

  2. Double-click Connection Request Processing, and then click Connection Request Policies.

  3. In the right pane, double-click the default connection request policy, named Use Windows authentication for all users, and then click Edit Profile. The Edit Profile dialog box opens.

  4. On the Authentication tab, below Authenticate requests on this server, you cannot see the Protected EAP check box.

For additional IAS configuration steps, see the deployment scenarios in this paper.