Thanks, I downloaded this document and started reading it. After a couple
of pages, I realized that this didn't answer my actual question of how to
use AD Security Groups to control remote access, so I went back to the IAS
MMC interface and started poking around the policies. I discoverd a policy
option that uses AD Security Group membership to permit or deny access.
This is the match I needed. Created a new security group with my remote
users as members and then configured both my IAS servers to use this group
to permit. Tested with one of our remote users and everything worked
perfectly. Made the same change to my backup IAS server.
Mike.
Steven L Umbach said:
Hi Mike.
I believe the IAS server needs to be a member of the domain in which case
you create the security group in Active Directory Users and Computers and
then use that group in your Remore Access Policy on the IAS server by
selecting add and then Windows groups [of course you need to add appropriate
users and maybe computers to the group]. The link below to an excellent
white paper from MS on 802.1X deployment in a lab may be helpful as it goes
into detail about what you are asking about in a step by step shion. ---
Steve
http://www.microsoft.com/downloads/...a2-e113-415b-b2a9-b6a3d64c48f5&DisplayLang=en
http://tinyurl.com/vz3l -- same link in case of wrap