Jump to content

Using Network Policy Server for CAP (and RAP) repository

Guest GeoffD

By Guest GeoffD
in Windows NT Server

 Share

Recommended Posts

Guest GeoffD

Guest GeoffD

Posted
Posted

I'm hoping to deploy a couple TSGateway Systems, using a Network Policy

Server as a central repository for CAPs and RAPs. finally found some

documentation about how to link the TSGateway to the NPS for CAPs. But I can

find no similar documentation for how Resource Authorization Policies. Is it

even possible to reference RAPs on the NPS?

 

Are there best practices regarding maintaining TS Gateway configurations?

 

--Geoff

  • Replies 3
  • Created
  • Last Reply

Popular Days

Popular Days

Guest Rob Leitman [MS]

Guest Rob Leitman [MS]

Posted
Posted

Re: Using Network Policy Server for CAP (and RAP) repository

 

RAPs use Authorization Manager for policy storage. This uses an XML file to

store the policy.

 

Rob

 

"GeoffD" <GeoffD@discussions.microsoft.com> wrote in message

news:DD7EE3DD-8C35-415E-92F6-F61F8575ECDF@microsoft.com...

> I'm hoping to deploy a couple TSGateway Systems, using a Network Policy

> Server as a central repository for CAPs and RAPs. finally found some

> documentation about how to link the TSGateway to the NPS for CAPs. But I

> can

> find no similar documentation for how Resource Authorization Policies. Is

> it

> even possible to reference RAPs on the NPS?

>

> Are there best practices regarding maintaining TS Gateway configurations?

>

> --Geoff

Guest GeoffD

Guest GeoffD

Posted
Posted

Re: Using Network Policy Server for CAP (and RAP) repository

 

Thanks, Rob.

 

I haven't worked with Authorization Manager before. If I want to have a

couple of TS Gateway systems, configured for load balancing, and I want the

configs them to be the same, I can point them to a Network Policy Server for

CAPs. For RAPs, the configurations are stored locally. Is that correct?

 

I've done some quick doc reviews, and it looks like you can configure the

Authorization Manager (azman?) to store data in Active Directory instead of

XML files. Would that configuration be compatible with TS Gateway RAPs? Could

multiple TS Gateway systems reference the same azman store?

 

Maybe the TS Gateway service isn't resource intensive, and load-balancing is

not necessary. Are there any sizing recommendations?

 

Thanks again,

 

--Geoff

 

"Rob Leitman [MS]" wrote:

> RAPs use Authorization Manager for policy storage. This uses an XML file to

> store the policy.

>

> Rob

>

> "GeoffD" <GeoffD@discussions.microsoft.com> wrote in message

> news:DD7EE3DD-8C35-415E-92F6-F61F8575ECDF@microsoft.com...

> > I'm hoping to deploy a couple TSGateway Systems, using a Network Policy

> > Server as a central repository for CAPs and RAPs. finally found some

> > documentation about how to link the TSGateway to the NPS for CAPs. But I

> > can

> > find no similar documentation for how Resource Authorization Policies. Is

> > it

> > even possible to reference RAPs on the NPS?

> >

> > Are there best practices regarding maintaining TS Gateway configurations?

> >

> > --Geoff

>

>

Guest Rob Leitman [MS]

Guest Rob Leitman [MS]

Posted
Posted

Re: Using Network Policy Server for CAP (and RAP) repository

 

Yes, the RAPs are stored locally. It's possible to store AzMan in AD, but

we don't support that configuration for TS Gateway.

 

Sizing guidelines for Win2008 are coming out soon. TS Gateway can be

intensive, depending on how many concurrent connections you have.

 

Rob

 

"GeoffD" <GeoffD@discussions.microsoft.com> wrote in message

news:7D4DD193-74D3-46F1-95CD-DC61E060269F@microsoft.com...

> Thanks, Rob.

>

> I haven't worked with Authorization Manager before. If I want to have a

> couple of TS Gateway systems, configured for load balancing, and I want

> the

> configs them to be the same, I can point them to a Network Policy Server

> for

> CAPs. For RAPs, the configurations are stored locally. Is that correct?

>

> I've done some quick doc reviews, and it looks like you can configure the

> Authorization Manager (azman?) to store data in Active Directory instead

> of

> XML files. Would that configuration be compatible with TS Gateway RAPs?

> Could

> multiple TS Gateway systems reference the same azman store?

>

> Maybe the TS Gateway service isn't resource intensive, and load-balancing

> is

> not necessary. Are there any sizing recommendations?

>

> Thanks again,

>

> --Geoff

>

> "Rob Leitman [MS]" wrote:

>

>> RAPs use Authorization Manager for policy storage. This uses an XML file

>> to

>> store the policy.

>>

>> Rob

>>

>> "GeoffD" <GeoffD@discussions.microsoft.com> wrote in message

>> news:DD7EE3DD-8C35-415E-92F6-F61F8575ECDF@microsoft.com...

>> > I'm hoping to deploy a couple TSGateway Systems, using a Network Policy

>> > Server as a central repository for CAPs and RAPs. finally found some

>> > documentation about how to link the TSGateway to the NPS for CAPs. But

>> > I

>> > can

>> > find no similar documentation for how Resource Authorization Policies.

>> > Is

>> > it

>> > even possible to reference RAPs on the NPS?

>> >

>> > Are there best practices regarding maintaining TS Gateway

>> > configurations?

>> >

>> > --Geoff

>>

>>

 Share
Go to topic listing
×
×
  • Create New...