New-NpsRadiusClientWithTemplate
0.1
This script aims to solve this problem, as many organizations have a lot of devices, and a password
policy that requires changing RADIUS secrets. You don't want to have to update all the clients, just the
template. That why we use them...!
This may not be the best
This script aims to solve this problem, as many organizations have a lot of devices, and a password
policy that requires changing RADIUS secrets. You don't want to have to update all the clients, just the
template. That why we use them...!
This may not be the best way to solve this problem, however it does work.
Installation Options
Owners
Copyright
(c) 2019 Chris Masters. All rights reserved.
Package Details
Author(s)
- Chris Masters
Tags
NPS RADIUS SecretKey SharedSecret
Dependencies
This script has no dependencies.
Release Notes
Initial release, with very little testing. I know it works for adding. And when you check the GUI, it shows
the device as using the template. However, I have not gone so far as to setup a dev env so I could change
the keys we use for our various SharedSecretTemplates.
Some notes on the process (observed only, not research)...
The IAS (Network Policy Server) service stores its files in $env:SystemRoot\System32\IAS\
When you edit data, it gets entered into ias_converted.xml and ias.xml.
I'm not sure of the process or reason for the two different files, as they're identical (SHA256 hashed).
Maybe the changes are entered into the converted files, checked for proper formatting, then copied to
ias.xml...?
Either way, I don't think it would be a good idea to edit these files directly, because stuff happens.
PROCESS:
- First the script creates a session with your NPS server.
- Creates a new NPS radius client
- Exports the configuration (messy, I know. Yet will be worth it when you need to change the key later)
- Changes the GUID for the template used on that client
- Then imports the changed config
- And optionaly restarts the service. I've noticed that it doesn't take affect until a service restart when
editing via the command line.
Also of note.... it wasn't 3am when I wrote this, so not my best work... but it was pretty late, so maybe
it's not so bad.
FileList
- New-NpsRadiusClientWithTemplate.nuspec
- New-NpsRadiusClientWithTemplate.ps1
Version History
Version | Downloads | Last updated |
---|---|---|
0.1 (current version) | 410 | 3/8/2019 |