Remotely Manage MS NPS Server

MS NPS (Network Policy Server) is often used as a RADIUS server for Network Access Control. Since every functionality needs some kind of managing, the NPS is no exception to that. It is easy to manage the NPS server by logging on to the server physically or with tools like RDP. Unfortunately remotely managing the NPS server, with MMC snap-in or with netsh is not possible. Since I like to script things which occurs more then once and needs more then 1 step it would be a nice feature to remotely manage the NPS server on CLI base. Luckily this can be accomplished with the help of Powershell. Powershell has the possibility to remotely execute commands on systems and give back the result. This makes it possible for us to remotely execute netsh and manage the NPS. Below I give you a simple example of how this can be done, of course you can build this to a whole menu to manage the NPS it depends on your own needs. First of all we need to allow remote Powershell commands on the server, so login on the NPS and start Powershell. Give in the following command to allow remote commands.

enable-psremoting –force

(I don’t know if the Windows Firewall is automatically configured to allow these connections, if not enable the “remote service management” rule. Also the network (environment) may not be set to public) That’s it, now you can run remote commands, with the following command.

invoke-command -computername SERVER01 {get-process}

or with netsh for NPS management.

invoke-command -computername SERVER01 {netsh nps show client}

Rob Maas
Rob Maas
Technical Challanger at ON2IT

If it is broken, fix it! If it ain’t broken, make it better!