Archive

Archive for the ‘Windows Server 2008 R2’ Category

Windows 7 is now Common Criteria Certified!

April 27th, 2011 No comments

Our friends over at the FutureFed blog reported that Windows 7 the has passed  the Common Criteria (CC) certification process and achieved Evaluation Assurance Level 4 with augmentation (EAL4+). Common Criteria certification is an international standard recognized by 26 member nations including the United States and is a procurement requirement for U.S. Defense and national security customers.

With this certification, we are excited that our federal customers as well as foreign governments can feel secure in deploying Windows 7, having successfully passed the rigorous security testing protocols set forth by the National Information Assurance Partnership.

Several governments have already successfully deployed Windows 7, including the Moscow North District Prefecture in Russia, the Vernon Hills Police Department in Chicago, Illinois, the City of Miami, Florida and the City of Stockholm, Sweden.

This is exciting news, but not surprising as Windows 7 is our most secure operating system to date. In addition to enhancing existing security features in Windows, we incorporated customer feedback throughout the development process of Windows 7 to deliver innovative new security features, including Direct Access, AppLocker and BitLocker To Go.

Congratulations, Windows 7!

Windows 7 is now Common Criteria Certified!

April 27th, 2011 No comments

Our friends over at the FutureFed blog reported that Windows 7 the has passed  the Common Criteria (CC) certification process and achieved Evaluation Assurance Level 4 with augmentation (EAL4+). Common Criteria certification is an international standard recognized by 26 member nations including the United States and is a procurement requirement for U.S. Defense and national security customers.

With this certification, we are excited that our federal customers as well as foreign governments can feel secure in deploying Windows 7, having successfully passed the rigorous security testing protocols set forth by the National Information Assurance Partnership.

Several governments have already successfully deployed Windows 7, including the Moscow North District Prefecture in Russia, the Vernon Hills Police Department in Chicago, Illinois, the City of Miami, Florida and the City of Stockholm, Sweden.

This is exciting news, but not surprising as Windows 7 is our most secure operating system to date. In addition to enhancing existing security features in Windows, we incorporated customer feedback throughout the development process of Windows 7 to deliver innovative new security features, including Direct Access, AppLocker and BitLocker To Go.

Congratulations, Windows 7!

Windows 7 is now Common Criteria Certified!

April 27th, 2011 No comments

Our friends over at the FutureFed blog reported that Windows 7 the has passed  the Common Criteria (CC) certification process and achieved Evaluation Assurance Level 4 with augmentation (EAL4+). Common Criteria certification is an international standard recognized by 26 member nations including the United States and is a procurement requirement for U.S. Defense and national security customers.

With this certification, we are excited that our federal customers as well as foreign governments can feel secure in deploying Windows 7, having successfully passed the rigorous security testing protocols set forth by the National Information Assurance Partnership.

Several governments have already successfully deployed Windows 7, including the Moscow North District Prefecture in Russia, the Vernon Hills Police Department in Chicago, Illinois, the City of Miami, Florida and the City of Stockholm, Sweden.

This is exciting news, but not surprising as Windows 7 is our most secure operating system to date. In addition to enhancing existing security features in Windows, we incorporated customer feedback throughout the development process of Windows 7 to deliver innovative new security features, including Direct Access, AppLocker and BitLocker To Go.

Congratulations, Windows 7!

See NAP at TechEd 2009

May 12th, 2009 No comments

Hey NAP Fans!


If you are attending TechEd 2009 in Los Angeles this week, be sure to stop by the NAP booth in the Microsoft Technical Learning Center (TLC).  It is a great opportunity to meet and speak with NAP team members and learn about some of the enhancements and new scenarios in Windows® 7 and Windows® Server 2008 R2. 


Also there are at least two breakout sessions that would be useful for anyone interested in learning more about NAP deployments.   Both are on Friday May 15th:


WSV206 Windows Clients and Windows Server 2008 NAP: Why They Are Better Together


Presenter: Jay Ferron


Fri 5/15 | 9:00 AM-10:15 AM | Room 502A


 


WSV305 Deploying NAP: Best Practices and Lessons Learned


Presenters: Venkatesh Gopalakrishnan, Lambert Green


Fri 5/15 | 2:45 PM-4:00 PM | Room 403B


 


Hope to see you there,


The NAP Team

See NAP at TechEd 2009

May 12th, 2009 Comments off

Hey NAP Fans!


If you are attending TechEd 2009 in Los Angeles this week, be sure to stop by the NAP booth in the Microsoft Technical Learning Center (TLC).  It is a great opportunity to meet and speak with NAP team members and learn about some of the enhancements and new scenarios in Windows® 7 and Windows® Server 2008 R2. 


Also there are at least two breakout sessions that would be useful for anyone interested in learning more about NAP deployments.   Both are on Friday May 15th:


WSV206 Windows Clients and Windows Server 2008 NAP: Why They Are Better Together


Presenter: Jay Ferron


Fri 5/15 | 9:00 AM-10:15 AM | Room 502A


 


WSV305 Deploying NAP: Best Practices and Lessons Learned


Presenters: Venkatesh Gopalakrishnan, Lambert Green


Fri 5/15 | 2:45 PM-4:00 PM | Room 403B


 


Hope to see you there,


The NAP Team

See NAP at TechEd 2009

May 12th, 2009 No comments

Hey NAP Fans!


If you are attending TechEd 2009 in Los Angeles this week, be sure to stop by the NAP booth in the Microsoft Technical Learning Center (TLC).  It is a great opportunity to meet and speak with NAP team members and learn about some of the enhancements and new scenarios in Windows® 7 and Windows® Server 2008 R2. 


Also there are at least two breakout sessions that would be useful for anyone interested in learning more about NAP deployments.   Both are on Friday May 15th:


WSV206 Windows Clients and Windows Server 2008 NAP: Why They Are Better Together


Presenter: Jay Ferron


Fri 5/15 | 9:00 AM-10:15 AM | Room 502A


 


WSV305 Deploying NAP: Best Practices and Lessons Learned


Presenters: Venkatesh Gopalakrishnan, Lambert Green


Fri 5/15 | 2:45 PM-4:00 PM | Room 403B


 


Hope to see you there,


The NAP Team

See NAP at TechEd 2009

May 12th, 2009 No comments

Hey NAP Fans!


If you are attending TechEd 2009 in Los Angeles this week, be sure to stop by the NAP booth in the Microsoft Technical Learning Center (TLC).  It is a great opportunity to meet and speak with NAP team members and learn about some of the enhancements and new scenarios in Windows® 7 and Windows® Server 2008 R2. 


Also there are at least two breakout sessions that would be useful for anyone interested in learning more about NAP deployments.   Both are on Friday May 15th:


WSV206 Windows Clients and Windows Server 2008 NAP: Why They Are Better Together


Presenter: Jay Ferron


Fri 5/15 | 9:00 AM-10:15 AM | Room 502A


 


WSV305 Deploying NAP: Best Practices and Lessons Learned


Presenters: Venkatesh Gopalakrishnan, Lambert Green


Fri 5/15 | 2:45 PM-4:00 PM | Room 403B


 


Hope to see you there,


The NAP Team

See NAP at TechEd 2009

May 12th, 2009 No comments

Hey NAP Fans!


If you are attending TechEd 2009 in Los Angeles this week, be sure to stop by the NAP booth in the Microsoft Technical Learning Center (TLC).  It is a great opportunity to meet and speak with NAP team members and learn about some of the enhancements and new scenarios in Windows® 7 and Windows® Server 2008 R2. 


Also there are at least two breakout sessions that would be useful for anyone interested in learning more about NAP deployments.   Both are on Friday May 15th:


WSV206 Windows Clients and Windows Server 2008 NAP: Why They Are Better Together


Presenter: Jay Ferron


Fri 5/15 | 9:00 AM-10:15 AM | Room 502A


 


WSV305 Deploying NAP: Best Practices and Lessons Learned


Presenters: Venkatesh Gopalakrishnan, Lambert Green


Fri 5/15 | 2:45 PM-4:00 PM | Room 403B


 


Hope to see you there,


The NAP Team

See NAP at TechEd 2009

May 11th, 2009 No comments

Hey NAP Fans!

If you are attending TechEd 2009 in Los Angeles this week, be sure to stop by the NAP booth in the Microsoft Technical Learning Center (TLC).  It is a great opportunity to meet and speak with NAP team members and learn about some of the enhancements and new scenarios in Windows® 7 and Windows® Server 2008 R2. 

Also there are at least two breakout sessions that would be useful for anyone interested in learning more about NAP deployments.   Both are on Friday May 15th:

WSV206 Windows Clients and Windows Server 2008 NAP: Why They Are Better Together

Presenter: Jay Ferron

Fri 5/15 | 9:00 AM-10:15 AM | Room 502A

 

WSV305 Deploying NAP: Best Practices and Lessons Learned

Presenters: Venkatesh Gopalakrishnan, Lambert Green

Fri 5/15 | 2:45 PM-4:00 PM | Room 403B

 

Hope to see you there,

The NAP Team

SHV Multi-Config in Windows Server 2008 R2

April 2nd, 2009 No comments

In Windows Server 2008, a system health validator (SHV) installed on the NPS server can be configured in a single way. This works well if your system health requirements are the same for all of your NAP enforcement methods and all of your computers. However, some deployments require different sets of health requirements for different enforcement methods and different groups of computers. For example, you might want to specify that desktop computers must have their anti-virus software enabled and VPN-connected computers must have their anti-virus software enabled and signature file up-to-date.


In Windows Server 2008 R2, the NAP platform supports SHVs in multiple configurations to support these more advanced configurations, a feature known as SHV multi-config. Existing SHVs must be updated to take advantage of this new feature and new SHVs should be written to use this feature. The Windows Security Health Validator (WSHV) provided with Windows Server 2008 R2 supports SHV multi-config. For more information, see the new INapComponentConfig3 API at http://msdn.microsoft.com/en-us/library/dd392506(VS.85).aspx.


To see the SHV multi-config support for the WSHV, use the Network Policy Server snap-in and open Network Access Protection-System Health Validators-Windows System Health Validator-Settings. The following figure shows an example.


Windows System Health Validator settings 


For a larger version of this figure, click here.


There is a default configuration that you can configure if you only need a single configuration of the WSHV settings. This default configuration cannot be deleted or renamed. When you create health requirement policies with the NAP wizard, it will configure your health policies to use this default configuration.


To create another configuration for the WSHV, do the following:


1. Right-click Settings, and then click New.


2. In the Configuration Friendly Name dialog box, type a name for the new configuration, and then click OK.


3. In the Windows Security Health Validator dialog box, specify the system health requirements and then click OK.


The following figure shows an example of a new WSHV configuration with the name WSHV Settings for DHCP.


WSHV Settings for DHCP 


For a larger version of this figure, click here.


To specify the use of a non-default configuration for the WSHV in the Network Policy Server snap-in, open Policies-Health Policies, and then double-click the name of the health policy that you want to modify. On the Settings tab, in the SHVs used in this health policy list, click the drop-down arrow in the Setting column for the Windows Security Health Validator SHV to see a list of configurations. The following figure shows an example.


Example of selecting an SHV configuration 


Click the desired configuration of the WSHV, and then click OK.


 


NAP Product Team 

SHV Multi-Config in Windows Server 2008 R2

April 2nd, 2009 No comments

In Windows Server 2008, a system health validator (SHV) installed on the NPS server can be configured in a single way. This works well if your system health requirements are the same for all of your NAP enforcement methods and all of your computers. However, some deployments require different sets of health requirements for different enforcement methods and different groups of computers. For example, you might want to specify that desktop computers must have their anti-virus software enabled and VPN-connected computers must have their anti-virus software enabled and signature file up-to-date.


In Windows Server 2008 R2, the NAP platform supports SHVs in multiple configurations to support these more advanced configurations, a feature known as SHV multi-config. Existing SHVs must be updated to take advantage of this new feature and new SHVs should be written to use this feature. The Windows Security Health Validator (WSHV) provided with Windows Server 2008 R2 supports SHV multi-config. For more information, see the new INapComponentConfig3 API at http://msdn.microsoft.com/en-us/library/dd392506(VS.85).aspx.


To see the SHV multi-config support for the WSHV, use the Network Policy Server snap-in and open Network Access Protection-System Health Validators-Windows System Health Validator-Settings. The following figure shows an example.


Windows System Health Validator settings 


For a larger version of this figure, click here.


There is a default configuration that you can configure if you only need a single configuration of the WSHV settings. This default configuration cannot be deleted or renamed. When you create health requirement policies with the NAP wizard, it will configure your health policies to use this default configuration.


To create another configuration for the WSHV, do the following:


1. Right-click Settings, and then click New.


2. In the Configuration Friendly Name dialog box, type a name for the new configuration, and then click OK.


3. In the Windows Security Health Validator dialog box, specify the system health requirements and then click OK.


The following figure shows an example of a new WSHV configuration with the name WSHV Settings for DHCP.


WSHV Settings for DHCP 


For a larger version of this figure, click here.


To specify the use of a non-default configuration for the WSHV in the Network Policy Server snap-in, open Policies-Health Policies, and then double-click the name of the health policy that you want to modify. On the Settings tab, in the SHVs used in this health policy list, click the drop-down arrow in the Setting column for the Windows Security Health Validator SHV to see a list of configurations. The following figure shows an example.


Example of selecting an SHV configuration 


Click the desired configuration of the WSHV, and then click OK.


 


NAP Product Team 

SHV Multi-Config in Windows Server 2008 R2

April 2nd, 2009 No comments

In Windows Server 2008, a system health validator (SHV) installed on the NPS server can be configured in a single way. This works well if your system health requirements are the same for all of your NAP enforcement methods and all of your computers. However, some deployments require different sets of health requirements for different enforcement methods and different groups of computers. For example, you might want to specify that desktop computers must have their anti-virus software enabled and VPN-connected computers must have their anti-virus software enabled and signature file up-to-date.


In Windows Server 2008 R2, the NAP platform supports SHVs in multiple configurations to support these more advanced configurations, a feature known as SHV multi-config. Existing SHVs must be updated to take advantage of this new feature and new SHVs should be written to use this feature. The Windows Security Health Validator (WSHV) provided with Windows Server 2008 R2 supports SHV multi-config. For more information, see the new INapComponentConfig3 API at http://msdn.microsoft.com/en-us/library/dd392506(VS.85).aspx.


To see the SHV multi-config support for the WSHV, use the Network Policy Server snap-in and open Network Access Protection-System Health Validators-Windows System Health Validator-Settings. The following figure shows an example.


Windows System Health Validator settings 


For a larger version of this figure, click here.


There is a default configuration that you can configure if you only need a single configuration of the WSHV settings. This default configuration cannot be deleted or renamed. When you create health requirement policies with the NAP wizard, it will configure your health policies to use this default configuration.


To create another configuration for the WSHV, do the following:


1. Right-click Settings, and then click New.


2. In the Configuration Friendly Name dialog box, type a name for the new configuration, and then click OK.


3. In the Windows Security Health Validator dialog box, specify the system health requirements and then click OK.


The following figure shows an example of a new WSHV configuration with the name WSHV Settings for DHCP.


WSHV Settings for DHCP 


For a larger version of this figure, click here.


To specify the use of a non-default configuration for the WSHV in the Network Policy Server snap-in, open Policies-Health Policies, and then double-click the name of the health policy that you want to modify. On the Settings tab, in the SHVs used in this health policy list, click the drop-down arrow in the Setting column for the Windows Security Health Validator SHV to see a list of configurations. The following figure shows an example.


Example of selecting an SHV configuration 


Click the desired configuration of the WSHV, and then click OK.


 


NAP Product Team 

SHV Multi-Config in Windows Server 2008 R2

April 2nd, 2009 No comments

In Windows Server 2008, a system health validator (SHV) installed on the NPS server can be configured in a single way. This works well if your system health requirements are the same for all of your NAP enforcement methods and all of your computers. However, some deployments require different sets of health requirements for different enforcement methods and different groups of computers. For example, you might want to specify that desktop computers must have their anti-virus software enabled and VPN-connected computers must have their anti-virus software enabled and signature file up-to-date.


In Windows Server 2008 R2, the NAP platform supports SHVs in multiple configurations to support these more advanced configurations, a feature known as SHV multi-config. Existing SHVs must be updated to take advantage of this new feature and new SHVs should be written to use this feature. The Windows Security Health Validator (WSHV) provided with Windows Server 2008 R2 supports SHV multi-config. For more information, see the new INapComponentConfig3 API at http://msdn.microsoft.com/en-us/library/dd392506(VS.85).aspx.


To see the SHV multi-config support for the WSHV, use the Network Policy Server snap-in and open Network Access Protection-System Health Validators-Windows System Health Validator-Settings. The following figure shows an example.


Windows System Health Validator settings 


For a larger version of this figure, click here.


There is a default configuration that you can configure if you only need a single configuration of the WSHV settings. This default configuration cannot be deleted or renamed. When you create health requirement policies with the NAP wizard, it will configure your health policies to use this default configuration.


To create another configuration for the WSHV, do the following:


1. Right-click Settings, and then click New.


2. In the Configuration Friendly Name dialog box, type a name for the new configuration, and then click OK.


3. In the Windows Security Health Validator dialog box, specify the system health requirements and then click OK.


The following figure shows an example of a new WSHV configuration with the name WSHV Settings for DHCP.


WSHV Settings for DHCP 


For a larger version of this figure, click here.


To specify the use of a non-default configuration for the WSHV in the Network Policy Server snap-in, open Policies-Health Policies, and then double-click the name of the health policy that you want to modify. On the Settings tab, in the SHVs used in this health policy list, click the drop-down arrow in the Setting column for the Windows Security Health Validator SHV to see a list of configurations. The following figure shows an example.


Example of selecting an SHV configuration 


Click the desired configuration of the WSHV, and then click OK.


 


NAP Product Team 

SHV Multi-Config in Windows Server 2008 R2

April 2nd, 2009 Comments off

In Windows Server 2008, a system health validator (SHV) installed on the NPS server can be configured in a single way. This works well if your system health requirements are the same for all of your NAP enforcement methods and all of your computers. However, some deployments require different sets of health requirements for different enforcement methods and different groups of computers. For example, you might want to specify that desktop computers must have their anti-virus software enabled and VPN-connected computers must have their anti-virus software enabled and signature file up-to-date.


In Windows Server 2008 R2, the NAP platform supports SHVs in multiple configurations to support these more advanced configurations, a feature known as SHV multi-config. Existing SHVs must be updated to take advantage of this new feature and new SHVs should be written to use this feature. The Windows Security Health Validator (WSHV) provided with Windows Server 2008 R2 supports SHV multi-config. For more information, see the new INapComponentConfig3 API at http://msdn.microsoft.com/en-us/library/dd392506(VS.85).aspx.


To see the SHV multi-config support for the WSHV, use the Network Policy Server snap-in and open Network Access Protection-System Health Validators-Windows System Health Validator-Settings. The following figure shows an example.


Windows System Health Validator settings 


For a larger version of this figure, click here.


There is a default configuration that you can configure if you only need a single configuration of the WSHV settings. This default configuration cannot be deleted or renamed. When you create health requirement policies with the NAP wizard, it will configure your health policies to use this default configuration.


To create another configuration for the WSHV, do the following:


1. Right-click Settings, and then click New.


2. In the Configuration Friendly Name dialog box, type a name for the new configuration, and then click OK.


3. In the Windows Security Health Validator dialog box, specify the system health requirements and then click OK.


The following figure shows an example of a new WSHV configuration with the name WSHV Settings for DHCP.


WSHV Settings for DHCP 


For a larger version of this figure, click here.


To specify the use of a non-default configuration for the WSHV in the Network Policy Server snap-in, open Policies-Health Policies, and then double-click the name of the health policy that you want to modify. On the Settings tab, in the SHVs used in this health policy list, click the drop-down arrow in the Setting column for the Windows Security Health Validator SHV to see a list of configurations. The following figure shows an example.


Example of selecting an SHV configuration 


Click the desired configuration of the WSHV, and then click OK.


 


NAP Product Team 

SHV Multi-Config in Windows Server 2008 R2

April 1st, 2009 No comments

In Windows Server 2008, a system health validator (SHV) installed on the NPS server can be configured in a single way. This works well if your system health requirements are the same for all of your NAP enforcement methods and all of your computers. However, some deployments require different sets of health requirements for different enforcement methods and different groups of computers. For example, you might want to specify that desktop computers must have their anti-virus software enabled and VPN-connected computers must have their anti-virus software enabled and signature file up-to-date.

In Windows Server 2008 R2, the NAP platform supports SHVs in multiple configurations to support these more advanced configurations, a feature known as SHV multi-config. Existing SHVs must be updated to take advantage of this new feature and new SHVs should be written to use this feature. The Windows Security Health Validator (WSHV) provided with Windows Server 2008 R2 supports SHV multi-config. For more information, see the new INapComponentConfig3 API at http://msdn.microsoft.com/en-us/library/dd392506(VS.85).aspx.

To see the SHV multi-config support for the WSHV, use the Network Policy Server snap-in and open Network Access Protection-System Health Validators-Windows System Health Validator-Settings. The following figure shows an example.

Windows System Health Validator settings 

For a larger version of this figure, click here.

There is a default configuration that you can configure if you only need a single configuration of the WSHV settings. This default configuration cannot be deleted or renamed. When you create health requirement policies with the NAP wizard, it will configure your health policies to use this default configuration.

To create another configuration for the WSHV, do the following:

1. Right-click Settings, and then click New.

2. In the Configuration Friendly Name dialog box, type a name for the new configuration, and then click OK.

3. In the Windows Security Health Validator dialog box, specify the system health requirements and then click OK.

The following figure shows an example of a new WSHV configuration with the name WSHV Settings for DHCP.

WSHV Settings for DHCP 

For a larger version of this figure, click here.

To specify the use of a non-default configuration for the WSHV in the Network Policy Server snap-in, open Policies-Health Policies, and then double-click the name of the health policy that you want to modify. On the Settings tab, in the SHVs used in this health policy list, click the drop-down arrow in the Setting column for the Windows Security Health Validator SHV to see a list of configurations. The following figure shows an example.

Example of selecting an SHV configuration 

Click the desired configuration of the WSHV, and then click OK.

 

NAP Product Team

 

Example of using the new NPS templates feature in Windows Server 2008 R2

February 26th, 2009 No comments

In a previous NAP blog entry, we described the new NPS templates feature in Windows Server 2008 R2. In this blog entry, we show an example of using a template for a RADIUS shared secret.


Templates for RADIUS shared secrets allow users to specify a shared secret that can be reused when configuring RADIUS clients and remote RADIUS servers in the Network Policy Server snap-in. To create and use a RADIUS shared secret template, do the following:


1. From the Network Policy Server snap-in, open the Templates Management node.


2. In the console tree, right-click Shared Secrets, and then click New.


3. In Template Name, type a name for the shared secret template, and then either manually specify the shared secret or have NPS automatically generate one.


4. Click OK to save changes.


To use the RADIUS shared secret template, configure a RADIUS client, a remote RADIUS server, or a remote RADIUS server template and specify the template name for the shared secret, rather than manually configuring a shared secret or having NPS generate one. The following figure shows an example.


NPS template example


To view which RADIUS clients, remote RADIUS servers, and remote RADIUS server templates use a specific RADIUS shared secret template, right click the name of the RADIUS shared secret template, and then click View Usage.


 



NAP Product Team

Example of using the new NPS templates feature in Windows Server 2008 R2

February 26th, 2009 No comments

In a previous NAP blog entry, we described the new NPS templates feature in Windows Server 2008 R2. In this blog entry, we show an example of using a template for a RADIUS shared secret.


Templates for RADIUS shared secrets allow users to specify a shared secret that can be reused when configuring RADIUS clients and remote RADIUS servers in the Network Policy Server snap-in. To create and use a RADIUS shared secret template, do the following:


1. From the Network Policy Server snap-in, open the Templates Management node.


2. In the console tree, right-click Shared Secrets, and then click New.


3. In Template Name, type a name for the shared secret template, and then either manually specify the shared secret or have NPS automatically generate one.


4. Click OK to save changes.


To use the RADIUS shared secret template, configure a RADIUS client, a remote RADIUS server, or a remote RADIUS server template and specify the template name for the shared secret, rather than manually configuring a shared secret or having NPS generate one. The following figure shows an example.


NPS template example


To view which RADIUS clients, remote RADIUS servers, and remote RADIUS server templates use a specific RADIUS shared secret template, right click the name of the RADIUS shared secret template, and then click View Usage.


 



NAP Product Team

Example of using the new NPS templates feature in Windows Server 2008 R2

February 26th, 2009 No comments

In a previous NAP blog entry, we described the new NPS templates feature in Windows Server 2008 R2. In this blog entry, we show an example of using a template for a RADIUS shared secret.


Templates for RADIUS shared secrets allow users to specify a shared secret that can be reused when configuring RADIUS clients and remote RADIUS servers in the Network Policy Server snap-in. To create and use a RADIUS shared secret template, do the following:


1. From the Network Policy Server snap-in, open the Templates Management node.


2. In the console tree, right-click Shared Secrets, and then click New.


3. In Template Name, type a name for the shared secret template, and then either manually specify the shared secret or have NPS automatically generate one.


4. Click OK to save changes.


To use the RADIUS shared secret template, configure a RADIUS client, a remote RADIUS server, or a remote RADIUS server template and specify the template name for the shared secret, rather than manually configuring a shared secret or having NPS generate one. The following figure shows an example.


NPS template example


To view which RADIUS clients, remote RADIUS servers, and remote RADIUS server templates use a specific RADIUS shared secret template, right click the name of the RADIUS shared secret template, and then click View Usage.


 



NAP Product Team

Example of using the new NPS templates feature in Windows Server 2008 R2

February 26th, 2009 No comments

In a previous NAP blog entry, we described the new NPS templates feature in Windows Server 2008 R2. In this blog entry, we show an example of using a template for a RADIUS shared secret.


Templates for RADIUS shared secrets allow users to specify a shared secret that can be reused when configuring RADIUS clients and remote RADIUS servers in the Network Policy Server snap-in. To create and use a RADIUS shared secret template, do the following:


1. From the Network Policy Server snap-in, open the Templates Management node.


2. In the console tree, right-click Shared Secrets, and then click New.


3. In Template Name, type a name for the shared secret template, and then either manually specify the shared secret or have NPS automatically generate one.


4. Click OK to save changes.


To use the RADIUS shared secret template, configure a RADIUS client, a remote RADIUS server, or a remote RADIUS server template and specify the template name for the shared secret, rather than manually configuring a shared secret or having NPS generate one. The following figure shows an example.


NPS template example


To view which RADIUS clients, remote RADIUS servers, and remote RADIUS server templates use a specific RADIUS shared secret template, right click the name of the RADIUS shared secret template, and then click View Usage.


 



NAP Product Team

Example of using the new NPS templates feature in Windows Server 2008 R2

February 26th, 2009 Comments off

In a previous NAP blog entry, we described the new NPS templates feature in Windows Server 2008 R2. In this blog entry, we show an example of using a template for a RADIUS shared secret.


Templates for RADIUS shared secrets allow users to specify a shared secret that can be reused when configuring RADIUS clients and remote RADIUS servers in the Network Policy Server snap-in. To create and use a RADIUS shared secret template, do the following:


1. From the Network Policy Server snap-in, open the Templates Management node.


2. In the console tree, right-click Shared Secrets, and then click New.


3. In Template Name, type a name for the shared secret template, and then either manually specify the shared secret or have NPS automatically generate one.


4. Click OK to save changes.


To use the RADIUS shared secret template, configure a RADIUS client, a remote RADIUS server, or a remote RADIUS server template and specify the template name for the shared secret, rather than manually configuring a shared secret or having NPS generate one. The following figure shows an example.


NPS template example


To view which RADIUS clients, remote RADIUS servers, and remote RADIUS server templates use a specific RADIUS shared secret template, right click the name of the RADIUS shared secret template, and then click View Usage.


 



NAP Product Team