Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computer Certification > MCSE > IAS RADIUS server in root domain servicing RRAS clients in subdomains

Reply
Thread Tools

IAS RADIUS server in root domain servicing RRAS clients in subdomains

 
 
eddiec
Guest
Posts: n/a
 
      04-20-2004
According to Transcender (Exam 70-297) you can have an IAS RADIUS server in
a root domain servicing RRAS clients in subdomains.

Specifically, the scenario is that you have a head office and other branch
offices that are subdomains of the head office domains. RRAS servers exist
in all branch offices. The business objective is that RRAS servers should be
administrered by local IT staff but RRAS policy should be determined
centrally in the head office. The correct Transcender solution is to place
an IAS server in the head office that will act as a RADIUS server for the
various RRAS servers.

The problem that I have with this is that I do not understand how the RADIUS
server in the head office (root domain) is going to access the Active
Directory account information for users dialling in to the local office
subdomain? How can this server authenticate users in a different domain?

Any assistance would be much appreciated.

TIA

eddiec


 
Reply With Quote
 
 
 
 
eddiec
Guest
Posts: n/a
 
      04-20-2004
Aha, but the parent domain by default in AD establishes a two way trust with
the child domain so therefore Transcender are right that the RADIUS server
in the root domain would authenticate users in the regional offices.

eddiec

"Srinidhi Viswanatha [MSFT]" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> authentication of remote dial-in users from another domain is possible

only
> if the Radius server's domain trusts the user's domain.
>
> --
> Thanks
> Srinidhi
>
> This posting is provided "AS IS" with no warranties and confers no rights.
>
> "Srinidhi Viswanatha [MSFT]" <(E-Mail Removed)> wrote in

message
> news:(E-Mail Removed)...
> > The RADIUS server in the head office is not going to authenticate users

of
> a
> > different domain...only local users of the radius server and users of

the
> > domain to which the radius server belongs get access.
> >
> > --
> > Thanks
> > Srinidhi
> >
> > This posting is provided "AS IS" with no warranties and confers no

rights.
> >
> > "eddiec" <(E-Mail Removed)> wrote in message
> > news:408493f8$(E-Mail Removed)...
> > > According to Transcender (Exam 70-297) you can have an IAS RADIUS

server
> > in
> > > a root domain servicing RRAS clients in subdomains.
> > >
> > > Specifically, the scenario is that you have a head office and other

> branch
> > > offices that are subdomains of the head office domains. RRAS servers

> exist
> > > in all branch offices. The business objective is that RRAS servers

> should
> > be
> > > administrered by local IT staff but RRAS policy should be determined
> > > centrally in the head office. The correct Transcender solution is to

> place
> > > an IAS server in the head office that will act as a RADIUS server for

> the
> > > various RRAS servers.
> > >
> > > The problem that I have with this is that I do not understand how the

> > RADIUS
> > > server in the head office (root domain) is going to access the Active
> > > Directory account information for users dialling in to the local

office
> > > subdomain? How can this server authenticate users in a different

domain?
> > >
> > > Any assistance would be much appreciated.
> > >
> > > TIA
> > >
> > > eddiec
> > >
> > >

> >
> >

>
>



 
Reply With Quote
 
 
 
 
Guest
Posts: n/a
 
      04-20-2004
hang on let me think no one wont to listen
>-----Original Message-----
>Aha, but the parent domain by default in AD establishes a

two way trust with
>the child domain so therefore Transcender are right that

the RADIUS server
>in the root domain would authenticate users in the

regional offices.
>
>eddiec
>
>"Srinidhi Viswanatha [MSFT]"

<(E-Mail Removed)> wrote in message
>news:(E-Mail Removed)...
>> authentication of remote dial-in users from another

domain is possible
>only
>> if the Radius server's domain trusts the user's domain.
>>
>> --
>> Thanks
>> Srinidhi
>>
>> This posting is provided "AS IS" with no warranties and

confers no rights.
>>
>> "Srinidhi Viswanatha [MSFT]"

<(E-Mail Removed)> wrote in
>message
>> news:(E-Mail Removed)...
>> > The RADIUS server in the head office is not going to

authenticate users
>of
>> a
>> > different domain...only local users of the radius

server and users of
>the
>> > domain to which the radius server belongs get access.
>> >
>> > --
>> > Thanks
>> > Srinidhi
>> >
>> > This posting is provided "AS IS" with no warranties

and confers no
>rights.
>> >
>> > "eddiec" <(E-Mail Removed)> wrote in message
>> > news:408493f8$(E-Mail Removed)...
>> > > According to Transcender (Exam 70-297) you can have

an IAS RADIUS
>server
>> > in
>> > > a root domain servicing RRAS clients in subdomains.
>> > >
>> > > Specifically, the scenario is that you have a head

office and other
>> branch
>> > > offices that are subdomains of the head office

domains. RRAS servers
>> exist
>> > > in all branch offices. The business objective is

that RRAS servers
>> should
>> > be
>> > > administrered by local IT staff but RRAS policy

should be determined
>> > > centrally in the head office. The correct

Transcender solution is to
>> place
>> > > an IAS server in the head office that will act as a

RADIUS server for
>> the
>> > > various RRAS servers.
>> > >
>> > > The problem that I have with this is that I do not

understand how the
>> > RADIUS
>> > > server in the head office (root domain) is going to

access the Active
>> > > Directory account information for users dialling in

to the local
>office
>> > > subdomain? How can this server authenticate users

in a different
>domain?
>> > >
>> > > Any assistance would be much appreciated.
>> > >
>> > > TIA
>> > >
>> > > eddiec
>> > >
>> > >
>> >
>> >

>>
>>

>
>
>.
>

 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
ias or rras redirection =?Utf-8?B?dG9wZGF3ZzQ0?= Wireless Networking 0 08-15-2006 02:34 AM
MS radius server [IAS] & CatOS switches rel v8.x Thomas Kuborn Cisco 0 06-24-2004 07:03 PM



Advertisments