7. When the installation is complete, click Finish to close the window.
Detailing IAS Permissions Required in Active Directory
To successfully authenticate domain users, the IAS server needs rights to read the dial-in
properties of user accounts within Active Directory. The process of authorizing the IAS
server adds the IAS server account to the RAS and IAS Servers group within the Users
container in Active Directory. If users from different domains will authenticate against the
IAS server, then the IAS server account must be added to the RAS and ISA server group
within the user??™s local domain. This can be done manually from within Active Directory
Users and Computers or scripted with the NETSH or DSMOD utilities.
To successfully register the IAS server by adding the server to the RAS and IAS Server
group, the appropriate administrative permissions are required in each domain.
Use the following procedure to authorize the IAS server through the IAS management
console:
1. Open the Internet Authentication Service console (Start, Administrative Tools,
Internet Authentication Service).
FIGURE 9.9 Installing the Internet Authentication Service (IAS).
Pages:
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424