Free Trial

Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.

  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint
Share this Page URL

Chapter 17. Managing Remote Access and I... > Managing Remote Access Policies and ...

Managing Remote Access Policies and Profiles

Windows 2000 uses policies in three ways to control remote access:

  • Local IAS policies. Each Windows 2000 dial-up server has a set of local policies that are derived from RADIUS. These policies are stored in an Internet Authentication Services (IAS) database, IAS.MDB, located in \WINNT\System32\IAS. These policies define access constraints based on a wide range of dial-up client attributes.

  • Central IAS policies. Rather than use the local IAS databases that must be individually modified if you want to change an access policy, a dial-up server can be configured to access RADIUS policies from a central server. This server can be a Windows 2000 server running IAS or a third-party RADIUS server. See "Configuring Internet Authentication Services (IAS)" for instructions on setting up an IAS server.

  • Group policies. Like just about any other local configuration, user settings involving remote access can be controlled using group policies. Group policies are enabled in a native-mode Windows 2000 domain only, however. This is because in a mixed-mode domain a dial-up server might attempt to authenticate users on a classic BDC, and the BDC has no facility for storing or distributing Windows 2000 group policies. Group policies affecting remote access are stored along with the other group policies in the \WINNT\Sysvol\Sysvol\<domainname> directory on all domain controllers. See Chapter 16, "Managing the User Operating Environment," for more information on using group policies.


You are currently reading a PREVIEW of this book.


Get instant access to over $1 million worth of books and videos.


Start a Free 10-Day Trial

  • Safari Books Online
  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint