Who Moved my IAS?

If you used RADIUS servers to provide centralized authentication, authorization, and accounting of your clients connecting to network resources, you know that in Windows Server 2003 this was called Internet Authentication Service (IAS). Look for IAS in Windows Server 2008 and you might spin your wheels. This service now is part of Network Policy and and Access Services. The server role providing these services is called the Network Policy Server (NPS).

You can deploy NPS as a proxy, Network Access Protection (NAP) policy server and as a Remote Authentication Dial-in User Service (RADIUS). RADIUS is an Internet Engineering Task Force (IETF) protocol that provides centralized authentication, authorization, and accounting for network access. RADIUS proxies forward RADIUS messages between RADIUS clients (network access devices) and RADIUS servers.

The Cable Guy has a great article introducing you to the changes to IAS in the December 2007 TechNet Magazine. For example, the new management snap in has some changes:

• Remote access policies have become network policies and have been moved under the Policies node.
• The RADIUS Clients node has been moved under the RADIUS Clients and Servers node.
• There is no longer a Connection Request Processing node. The Connection Request Policies node has been moved under Policies and the Remote RADIUS Server Groups node has been moved under RADIUS Clients and Servers.
• Remote access policy conditions and profile settings have been reorganized on the Overview, Conditions, Constraints, and Settings tabs for the properties of a network policy.
• Connection request policy conditions and profile settings have been reorganized on the Overview, Conditions, and Settings tabs for the properties of a connection request policy.
• The Remote Access Logging folder has been renamed the Accounting node and no longer has the Local File or SQL Server nodes.