Copy the IAS configuration to another server

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

To copy the IAS configuration to another server

  1. Open Command Prompt.

  2. At the command prompt, type **netsh aaaa show config >**path\file.txt.

    This stores configuration settings (including registry settings) in a text file. The path can be relative or absolute, or it can be a UNC path.

  3. Copy the file you created to the destination computer.

  4. At a command prompt on the destination computer, type netsh exec path\file.txt.

    A message appears indicating whether the update was successful.

Notes

  • To open a command prompt, click Start, point to All programs, point to Accessories, and then click Command prompt.

  • You do not need to stop IAS on the destination computer to run the netsh exec command. When the command is run, IAS is automatically refreshed with the updated configuration settings.

  • Because IAS configurations are not encrypted in the text file, sending it over a network might pose a security risk.

  • Do not use this procedure if the source IAS database is a higher version number than the version number of the destination IAS database. You can view the version number of the IAS database from the display of the netsh aaaa show config command.

  • This procedure replicates the entire IAS, remote access policy, connection request policy, registry, and logging configuration.

  • You can copy a remote access configuration from a server running Routing and Remote Access and Windows 2000 or Windows Server 2003 to an IAS server. Use the netsh aaaa dump command at the remote access server to create a file that contains the configuration, copy it to the IAS server, and then use the netsh exec command to import the configuration to the IAS server. Next, configure RADIUS clients on the IAS server.

  • You can configure IAS in Windows Server 2003, Standard Edition, with a maximum of 50 RADIUS clients and a maximum of 2 remote RADIUS server groups. You can define a RADIUS client using a fully qualified domain name or an IP address, but you cannot define groups of RADIUS clients by specifying an IP address range. If the fully qualified domain name of a RADIUS client resolves to multiple IP addresses, the IAS server uses the first IP address returned in the DNS query. With IAS in Windows Server 2003, Enterprise Edition, and Windows Server 2003, Datacenter Edition, you can configure an unlimited number of RADIUS clients and remote RADIUS server groups. In addition, you can configure RADIUS clients by specifying an IP address range.

Information about functional differences

  • Your server might function differently based on the version and edition of the operating system that is installed, your account permissions, and your menu settings. For more information, see Viewing Help on the Web.

See Also

Concepts

The Netsh Command-Line Utility
Netsh commands for remote access
Managing multiple IAS servers