How do I set up Network Policy Server (NPS) in Windows Server for LastPass Universal Proxy RADIUS protocol?
Before you begin:
The system administrator should specify which network policy uses Universal Proxy as the RADIUS server for authentication. In the following configuration the appropriate network policy should be used.
About this task: The configuration was tested with the following server versions:
- Windows Server 2008 R2
- Windows Server 2019
Note: This feature requires an account with the LastPass Business + Advanced MFA add-on. How do I upgrade my LastPass Business account with an add-on?
- Go to Network Policies and open the Connections to other access servers policy.
- In the Connections to other access servers Properties window, Overview tab, check the following:
- Policy enabled is checked.
- Grant access is selected.
- Type of network access server is Unspecified.
- Check the following checkboxes:
- Encrypted authentication (CHAP)
- Unencrypted authentication (PAP, SPAP)
- Click OK.
If you use CHAP, set the Store passwords using reversible encryption for your users:
- In the Active Users and Computers window, go to Users.
- Double-click on the user.
- In the Properties pop-up window click the Account tab.
- Check the Store passwords using reversible encryption checkbox.
- Click OK.
- Right-click on the user, select Reset Password...
- In the Reset Password pop-up window, enter your current password into the New password and Confirm password fields. It is necessary to re-type the current password in order for the new reversible password encryption option to take effect.
- Click OK.