Home > Active Directory, Data Center, Microsoft Infrastructure, Windows Client, Windows Server > Migrating Network Policy Server (Radius) to Windows Server 2012 using PowerShell

Migrating Network Policy Server (Radius) to Windows Server 2012 using PowerShell

 

As a consultant, I often help customers upgrading to the newest versions of Windows Server. Most of the projects I have been involved in, I start with the Domain Controllers. It is easy if you create a good plan and stick to it. Migrating Domain Controllers also means migrating Role Services. In the following, you will learn how to migrate Network Policy Server, NPS, Radius or what you call it ;-)

The last project was an upgrade from Windows Server 2008 to Windows Server 2012.

Step-by-Step Guide

Starting at the Windows Server 2008 domain controller, we’ll have to use the netsh command to extract information about the NPS configuration to a XML file.

Here you see an overview of the NPS configuration that we want to migrate.

 

clip_image002

 

Login to the Windows Server 2008 server with an administrative account and start and elevated command prompt. Execute the following command to generate the XML file:

netsh nps export filename="c:\temp\DC2.xml" exportPSK=YES

“exportPSK” is required is you need to export the Shared Secrets for your RADIUS Clients.

Remember to store the file in a secure place, as it contain security information.

 

clip_image003

 

Move or copy the file to the target Windows Server 2012 server.

Start a PowerShell Prompt in elevated mode and run the following command:

Import-NpsConfiguration –Path c:\temp\dc2.xml

clip_image005

 

Running the command should only give you a new prompt and you are done!

Check out the Network Policy Server Admin user interface to secure that settings are migrated.

clip_image007

 

NOTE: That SQL Logging settings are NOT migrated, so please check under Accounting to see if the settings are in compliance with your policies.

 

clip_image008

 

If you are not switching IP on the target server, then you have to change all clients pointing at the NPS Server. In most migrations, I switch the IP of the Domain Controller/ NPS Server to match the old Domain Controller IP. Then I do not have to change DNS Server settings on a lot of servers and my NPS clients talk to the correct IP.

 

NPS Netsh Command Reference:
http://technet.microsoft.com/en-us/library/cc754758(v=ws.10).aspx#BKMK_4

NPS PowerShell Command Reference:
http://technet.microsoft.com/en-us/library/jj872739.aspx

About these ads
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

Join 67 other followers

%d bloggers like this: