IAS RADIUS server in root domain servicing RRAS clients in subdomains

Discussion in 'MCSE' started by eddiec, Apr 20, 2004.

  1. eddiec

    eddiec Guest

    According to Transcender (Exam 70-297) you can have an IAS RADIUS server in
    a root domain servicing RRAS clients in subdomains.

    Specifically, the scenario is that you have a head office and other branch
    offices that are subdomains of the head office domains. RRAS servers exist
    in all branch offices. The business objective is that RRAS servers should be
    administrered by local IT staff but RRAS policy should be determined
    centrally in the head office. The correct Transcender solution is to place
    an IAS server in the head office that will act as a RADIUS server for the
    various RRAS servers.

    The problem that I have with this is that I do not understand how the RADIUS
    server in the head office (root domain) is going to access the Active
    Directory account information for users dialling in to the local office
    subdomain? How can this server authenticate users in a different domain?

    Any assistance would be much appreciated.

    TIA

    eddiec :)
     
    eddiec, Apr 20, 2004
    #1
    1. Advertising

  2. eddiec

    eddiec Guest

    Aha, but the parent domain by default in AD establishes a two way trust with
    the child domain so therefore Transcender are right that the RADIUS server
    in the root domain would authenticate users in the regional offices.

    eddiec :)

    "Srinidhi Viswanatha [MSFT]" <> wrote in message
    news:...
    > authentication of remote dial-in users from another domain is possible

    only
    > if the Radius server's domain trusts the user's domain.
    >
    > --
    > Thanks
    > Srinidhi
    >
    > This posting is provided "AS IS" with no warranties and confers no rights.
    >
    > "Srinidhi Viswanatha [MSFT]" <> wrote in

    message
    > news:...
    > > The RADIUS server in the head office is not going to authenticate users

    of
    > a
    > > different domain...only local users of the radius server and users of

    the
    > > domain to which the radius server belongs get access.
    > >
    > > --
    > > Thanks
    > > Srinidhi
    > >
    > > This posting is provided "AS IS" with no warranties and confers no

    rights.
    > >
    > > "eddiec" <> wrote in message
    > > news:408493f8$...
    > > > According to Transcender (Exam 70-297) you can have an IAS RADIUS

    server
    > > in
    > > > a root domain servicing RRAS clients in subdomains.
    > > >
    > > > Specifically, the scenario is that you have a head office and other

    > branch
    > > > offices that are subdomains of the head office domains. RRAS servers

    > exist
    > > > in all branch offices. The business objective is that RRAS servers

    > should
    > > be
    > > > administrered by local IT staff but RRAS policy should be determined
    > > > centrally in the head office. The correct Transcender solution is to

    > place
    > > > an IAS server in the head office that will act as a RADIUS server for

    > the
    > > > various RRAS servers.
    > > >
    > > > The problem that I have with this is that I do not understand how the

    > > RADIUS
    > > > server in the head office (root domain) is going to access the Active
    > > > Directory account information for users dialling in to the local

    office
    > > > subdomain? How can this server authenticate users in a different

    domain?
    > > >
    > > > Any assistance would be much appreciated.
    > > >
    > > > TIA
    > > >
    > > > eddiec :)
    > > >
    > > >

    > >
    > >

    >
    >
     
    eddiec, Apr 20, 2004
    #2
    1. Advertising

  3. eddiec

    Guest Guest

    hang on let me think no one wont to listen
    >-----Original Message-----
    >Aha, but the parent domain by default in AD establishes a

    two way trust with
    >the child domain so therefore Transcender are right that

    the RADIUS server
    >in the root domain would authenticate users in the

    regional offices.
    >
    >eddiec :)
    >
    >"Srinidhi Viswanatha [MSFT]"

    <> wrote in message
    >news:...
    >> authentication of remote dial-in users from another

    domain is possible
    >only
    >> if the Radius server's domain trusts the user's domain.
    >>
    >> --
    >> Thanks
    >> Srinidhi
    >>
    >> This posting is provided "AS IS" with no warranties and

    confers no rights.
    >>
    >> "Srinidhi Viswanatha [MSFT]"

    <> wrote in
    >message
    >> news:...
    >> > The RADIUS server in the head office is not going to

    authenticate users
    >of
    >> a
    >> > different domain...only local users of the radius

    server and users of
    >the
    >> > domain to which the radius server belongs get access.
    >> >
    >> > --
    >> > Thanks
    >> > Srinidhi
    >> >
    >> > This posting is provided "AS IS" with no warranties

    and confers no
    >rights.
    >> >
    >> > "eddiec" <> wrote in message
    >> > news:408493f8$...
    >> > > According to Transcender (Exam 70-297) you can have

    an IAS RADIUS
    >server
    >> > in
    >> > > a root domain servicing RRAS clients in subdomains.
    >> > >
    >> > > Specifically, the scenario is that you have a head

    office and other
    >> branch
    >> > > offices that are subdomains of the head office

    domains. RRAS servers
    >> exist
    >> > > in all branch offices. The business objective is

    that RRAS servers
    >> should
    >> > be
    >> > > administrered by local IT staff but RRAS policy

    should be determined
    >> > > centrally in the head office. The correct

    Transcender solution is to
    >> place
    >> > > an IAS server in the head office that will act as a

    RADIUS server for
    >> the
    >> > > various RRAS servers.
    >> > >
    >> > > The problem that I have with this is that I do not

    understand how the
    >> > RADIUS
    >> > > server in the head office (root domain) is going to

    access the Active
    >> > > Directory account information for users dialling in

    to the local
    >office
    >> > > subdomain? How can this server authenticate users

    in a different
    >domain?
    >> > >
    >> > > Any assistance would be much appreciated.
    >> > >
    >> > > TIA
    >> > >
    >> > > eddiec :)
    >> > >
    >> > >
    >> >
    >> >

    >>
    >>

    >
    >
    >.
    >
     
    Guest, Apr 20, 2004
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Thomas Kuborn
    Replies:
    0
    Views:
    605
    Thomas Kuborn
    Jun 24, 2004
  2. Martin Bodenstedt
    Replies:
    6
    Views:
    9,360
    dbcooper_1
    Apr 13, 2009
  3. =?Utf-8?B?dG9wZGF3ZzQ0?=

    ias or rras redirection

    =?Utf-8?B?dG9wZGF3ZzQ0?=, Aug 15, 2006, in forum: Wireless Networking
    Replies:
    0
    Views:
    453
    =?Utf-8?B?dG9wZGF3ZzQ0?=
    Aug 15, 2006
  4. Georg Dingler
    Replies:
    0
    Views:
    1,248
    Georg Dingler
    Nov 8, 2006
  5. Limited Wisdom
    Replies:
    7
    Views:
    792
    Jonathan Roberts
    Sep 13, 2006
Loading...

Share This Page