A Windows System Admin's Blog

Covering Server Administration, Endpoint Management, Scripting and Network Management

Migrating your whole RADIUS configuration (IAS) from Server 2003 to Server 2012 (NPS)

,

I was recently migrating an environment that ran two 2003 servers to two 2012 R2 servers. One of the challenges of migrations is ensuring there is as little disruption as possible, whether it is during business hours or not. This organization had a single RADIUS server controlling access to their 300+ users for Wireless and Remote Access.

nps

One of the useful tools nestled away in the 2008 R2 / 2012 installation media is a tool called IASmigrader.exe. This invaluable little tool can easily migrate the entire IAS / RAdius configuration from Server 2003 and allow me to import it into NPS (better than mucking around with netsh and then manually editing text files). Fine the executable you need in :\sources\dlmanifests\microsoft-windows-iasserver-migplugin\, copy this onto the source machine where IAS is. Once there, open a command prompt and type iasmigreader.exe relative to where you copied it.

Once ran, the tool will export the configuration to %windir%\system32\ias\ias.txt, copy this file across to your new NPS host and open up the NPS console, right click on NPS and select Import Configuration and browse to the text file (you will need to drop down the file type box) and import the configuration, I generally restart the NPS service for good measure. You can also run netsh nps import filename=”C:\migration\ias.txt” in an elevated command prompt.

2 responses to “Migrating your whole RADIUS configuration (IAS) from Server 2003 to Server 2012 (NPS)”

  1. Tom Avatar
    Tom

    Thanks, made this so easy

    Reply
  2. Tom Avatar
    Tom

    Thanks, made this so easy

    Reply

Leave a Reply

More Posts

Microsoft 365 Admin Notifications to your user mailbox with Plus addressing

Licensing your Entra Administrator accounts for email is a common practice to ensure you are across service health updates, user, security and billing alerts but by doing this it introduces security risks and additional costs for mailbox licensing. As a best practice, privileged accounts should remain isolated from unnecessary communication channels to minimise vulnerabilities or […]

Adventures with setting up RDS RemoteApp and Web Access in Windows Server 2012 R2

So I was recently setting up a demo environment in Azure with two servers.  Our goal was to have Remote Web Access and then publish RemoteApps through that so we could give live demos.  The process to setup Remote Desktop Services is much easier in Server 2012 / 2012 R2 thanks to the Add Remove […]

Deploy Firefox in the Enterprise with uBlock Origin, HTTPS Everywhere and Privacy Badger using Group Policy

So we’ve been deploying Firefox for quite a while pretty much everywhere we can however, only recently have we started standardising the deployments across the organisation’s that we manage. We’ve deployed Internal Root CAs using the CCK2 method to improve our user experience with Deep Packet SSL inspection however setting up configurations and extensions and […]