Migrating your whole RADIUS configuration (IAS) from Server 2003 to Server 2012 (NPS)

,

I was recently migrating an environment that ran two 2003 servers to two 2012 R2 servers. One of the challenges of migrations is ensuring there is as little disruption as possible, whether it is during business hours or not. This organization had a single RADIUS server controlling access to their 300+ users for Wireless and Remote Access.

nps

One of the useful tools nestled away in the 2008 R2 / 2012 installation media is a tool called IASmigrader.exe. This invaluable little tool can easily migrate the entire IAS / RAdius configuration from Server 2003 and allow me to import it into NPS (better than mucking around with netsh and then manually editing text files). Fine the executable you need in :\sources\dlmanifests\microsoft-windows-iasserver-migplugin\, copy this onto the source machine where IAS is. Once there, open a command prompt and type iasmigreader.exe relative to where you copied it.

Once ran, the tool will export the configuration to %windir%\system32\ias\ias.txt, copy this file across to your new NPS host and open up the NPS console, right click on NPS and select Import Configuration and browse to the text file (you will need to drop down the file type box) and import the configuration, I generally restart the NPS service for good measure. You can also run netsh nps import filename=”C:\migration\ias.txt” in an elevated command prompt.


2 responses to “Migrating your whole RADIUS configuration (IAS) from Server 2003 to Server 2012 (NPS)”

  1. Tom Avatar
    Tom

    Thanks, made this so easy

  2. Tom Avatar
    Tom

    Thanks, made this so easy

Leave a Reply

More Posts

How to Configure SNTP/NTP Time Source on HP ProCurve MSM 765zl Wireless Mobility Controller

I was recently investigating authentication methods for our Wireless system and wanted to test out Active Directory.  Basically, the controller would be checking directly with Active Directory if clients should be allowed to access our Wireless network.  After we started configuring Active Directory Authentication we noticed that the time on our MSM controller was off, […]