Hello,
Thank you for your post.
Actually, we can install IAS (Internet Authentication Service, Microsoft
Remote Authentication Dial-In User Service
) on a domain controllers or a member server. We can optimize IAS
performance by positioning the IAS servers strategically. Use the following
guidelines when deciding where to position your IAS servers:
1. Locate IAS servers in the same domain with the server that provides
remote user account authentication.
2. Locate IAS on a domain controller and store the user account database in
Active Directory.
In addition, the following factors can negatively impact IAS performance:
-The current load of the domain controller.
-The resolution of user principal names user principal names, resulting in
an additional remote procedure call (RPC) remote procedure call (RPC) query
against the computer that contains the global catalog.
- EAP-based authentication methods, involving multiple challenge-response
exchanges.
-The type of hardware in use.
-Network latency between:
The IAS server and the domain controller.
The IAS server and the computer that contains the global catalog global
catalog.
The IAS server and the access server.
You can optimize the performance of an IAS solution by scaling IAS to meet
increasing demands in your organization and by including more than one
RADIUS client and server in your network design.
We have a specific news group for IAS/Radius, which is the best one for
this issue. I would like to suggest that you submit a new post there for
more informative and detailed information regarding these questions:
microsoft.public.internet.radius
More Reference Regarding IAS:
--------------------------------
816586 HOW TO: Configure a Primary Internet Authentication Service Server
on a Domain Controller in Windows Server 2003
http://support.microsoft.com/?id=816586
Deploying IAS
http://www.microsoft.com/technet/tre...hnet/prodtechn
ol/windowsserver2003/proddocs/deployguide/dnsbk_ias_overview.asp
Windows Server 2003 Internet Authentication Service Center
http://www.microsoft.com/windowsserv...s/default.mspx
IAS Best practices
http://www.microsoft.com/technet/tre...hnet/prodtechn
ol/windowsserver2003/proddocs/entserver/sag_ias_bestprac.asp
Thanks!
Regards,
Joe Wu
Product Support Services
Microsoft Corporation
Get Secure! -
www.microsoft.com/security
================================================== ==
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
================================================== ==
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
|Content-Class: urn:content-classes:message
|From: "Skarlund" <(E-Mail Removed)>
|Sender: "Skarlund" <(E-Mail Removed)>
|Subject: Radius!
|Date: Mon, 15 Dec 2003 00:45:57 -0800
|Lines: 14
|Message-ID: <03cd01c3c2e7$dbac4540$(E-Mail Removed)>
|MIME-Version: 1.0
|Content-Type: text/plain;
| charset="iso-8859-1"
|Content-Transfer-Encoding: 7bit
|X-Newsreader: Microsoft CDO for Windows 2000
|Thread-Index: AcPC59usdcmYbHngTJSYdwgs7nPaQw==
|X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4910.0300
|Newsgroups: microsoft.public.windows.server.networking
|Path: cpmsftngxa07.phx.gbl
|Xref: cpmsftngxa07.phx.gbl microsoft.public.windows.server.networking:6625
|NNTP-Posting-Host: tk2msftngxa13.phx.gbl 10.40.1.165
|X-Tomcat-NG: microsoft.public.windows.server.networking
|
|I'm going to setup a Radius server in a Windows 2003
|domain.
|
|- Should Radius be installed on a DC or a member server,
|which is too recommended and why?
|- How will Radius impact the performance on a server?
|- Is there any failover function in Radius? Let's say
|there are 2 servers and one of them goes off-line, will
|the other Radius server take over?
|- Something else that I should think off?
|
|Thanks.
|
|
|
Similar Threads
Linear Mode
