When you use IAS (Internet Authentication Service) on a Windows Server 2003 and have a connection request policy that is configured to use a rule that contains a Find value and a Replace value for an attribute, the value that is supposed to be specified in the Find box is incorrectly specified in the Replace box and the value that is supposed to be specified in the Replace box is incorrectly specified in the Find box.
The connection request policy uses the incorrect values in the rule and all subsequent rules are not process for this connection request.
This behavior occurs because the database layer incorrectly orders the data.
To workaround this behavior, you can create separate connection request policies for each rule, allowing you to use regular expressions, or values, in the Find and Replace boxes.
You can also just change the values in the Find and Replace boxes to regular expressions.
As an example, if you want to replace [email protected] with child\user:
Start / Run / ias.msc / OK.
2. In the IAS MMC snap-in, expand Connection Request Processing and press Connection Request Policies.
3. Right-click the connection request policy that you want to configure and press Properties.
4. Press Edit Profile in the Properties dialog.
5. Select the Attributes tab.
6. Select the attribute you wish to edit from the Attribute list.
7. To add a new rule, press Add. To edit an existing rule, press Edit.
In the Find box, type ^(.*)@(.*)\..*$.
In the Replace with box, type ($2)\($1).
8. Press OK, OK, and OK.
For more information about regular expressions, see http://msdn2.microsoft.com/en-us/library/2k3te2cs.aspx