Optimizing authentication between NPS and Active directory server

hello experts,

i need opinion regarding improving existing vpn infrastucture . vpn infrastucture includes ad server accounts created placed in datacenter, domain created in nps(network policy servers) joined ad domain controller.the nps servers placed in separate datacenter. in vpn server (rras) have added 4 nps servers respect least distant nps server first nps server in rras(vpn) server. when clients connect vpn authenticated slow possible authenticated more fastly. vpn servers not part of domain security reasons. so, need r expert opinion in in order optimize authentication have tweak ad or nps or else done. there tool find authentication time taken when user connects.

any suggestions highly appreciated.

thanks

hi frank albertstien,

according description, want optimize nps performance.

as far know, there several tips improve nps performance:

1. install nps role on dc;

2. disable nas notification forwarding;

3. if nps server not installed on dc, , receiving large number of authentication requests per second, we can improve performance increasing number of concurrent authentications between nps server , domain controller.

to this, may edit following registry key: hkey_local_machine\system\currentcontrolset\services\netlogon\parameters. add new value named maxconcurrentapi , assign value 2 through 5. if assign value maxconcurrentapi high, nps server might place excessive load on domain controller

you may click following links learn detailed information how improve nps performance:

https://technet.microsoft.com/en-us/library/cc771746(v=ws.10).aspx

https://technet.microsoft.com/en-us/library/cc755120(v=ws.10).aspx

best regards,

anne

---

please remember mark replies answers if , unmark them if provide no help. if have feedback technet support, contact tnmff@microsoft.com.

Windows Server  >  Network Infrastructure Servers