Add method of the PS_RemoteAccessRadius class
This cmdlet adds a new external RADIUS server for one of the following purposes1. VPN authentication2. Accounting for DirectAccess and VPN3. OTP authentication for DirectAccess
Syntax
uint32 Add(
[in] string ServerName,
[in] string SharedSecret,
[in] string ComputerName,
[in] uint16 Port,
[in] uint8 Score,
[in] uint32 Timeout,
[in] string Purpose,
[in] string AccountingOnOffMsg,
[in] string MsgAuthenticator,
[in] string EntrypointName,
[in] boolean PassThru,
[out] RemoteAccessRadiusServer cmdletOutput[]
);
Parameters
-
ServerName [in]
-
IPv4/IPv6 address or hostname of the external RADIUS server.
-
SharedSecret [in]
-
Shared secret between the VPN server and the specified external RADIUS server. Note that the secret is specified in clear text
-
ComputerName [in]
-
IPv4/IPv6 address or hostname of the machine on which the remote access server machine specific tasks should be executed. If ComputerName is specified when adding a Radius server for authentication then it is added for the VPN server represented by ComputerName
-
Port [in]
-
Indicates the port number on which the RADIUS server is accepting authentication requests. Default is 1813
-
Score [in]
-
Indicates the initial score. The default is 30
-
Timeout [in]
-
The value is specified in seconds. Default is 5 secs
-
Purpose [in]
-
A Mandatory parameter that indicates the purpose for which the external RADIUS server is being added. Can be one of the following. 1. Authentication 2. Accounting. 3. Otp
-
Authentication ("Authentication")
-
Accounting ("Accounting")
-
Otp ("Otp")
AccountingOnOffMsg [in]
Indicates whether the sending of accounting on/off messages should be enabled or disabled. Can take one of the following values 1. Enabled 2. Disabled; By default it is disabled. This parameter is applicable only when the Radius server is being added for Remote Access accounting
Enabled ("Enabled")
Disabled ("Disabled")
MsgAuthenticator [in]
Indicates whether usage of message authenticator should be enabled or disabled. Can take one of the following values. 1. Enabled. 2. Disabled; By default it is disabled. This parameter is applicable only when the Radius server is being added for VPN authentication
Enabled ("Enabled")
Disabled ("Disabled")
EntrypointName [in]
Entrypoint refers to the identity of a site in a multi-site deployment. It is applicable only to Radius server configuration for VPN authentication. It is not applicable to Radius accounting and OTP and hence is ignored when a user tries to add a radius server for these purposes. When the parameter is specified it indicates that the Radius server for VPN authentication should be added for that site. If an entrypoint is not specified in a multi-site deployment then the entrypoint to which the server on which the cmdlet is executed belongs is used. The server could also be represented by using the ComputerName parameter. If both entrypoint and computername are specified and the ComputerName doesn't belong to the site represented by the entrypoint then the entrypoint takes precedence and the radius server is added to it
PassThru [in]
Returns the remote access radius server object. By default this cmdlet does not generate any output
cmdletOutput [out]
The output consists of the following. 1. External RADIUS server address (IPv4/IPv6) or hostname. 2. Purpose (VPN authentication, accounting, Inbox OTP authentication for DA) 3. RADIUS server properties (Shared secret, time-out, initial score, port no., status of accounting on/off messages - for accounting RADIUS, status of message authenticator - for authentication RADIUS)
Requirements
| Minimum supported client |
None supported |
| Minimum supported server |
Windows Server 2012 |
| Namespace |
Root\Microsoft\Windows\RemoteAccess |
| MOF |
|
| DLL |
|