To verify that Network Access Protection (NAP) in Configuration Manager 2007 is successfully remediating non-compliant Configuration Manager 2007 clients, you can use either of the following procedures:
-
Use the Network Access Protection client notification.
-
Look for specific state message changes logged on the client.
To verify that clients are successfully remediated using the Network Access Protection client notification
To verify that clients are successfully remediated using client logging
-
Locate the client log file %windir%\system32\CCM\Logs\StateMessage.log.
-
Look for the state message changes with Type="200" IDType="200"/><State ID="2" (which means the client is entering deferred enforcement state) or Type="200" IDType="200"/><State ID="3" (which means the client is entering restricted access state) changing to Type="200" IDType="200"/><State ID="1" (which means the client is entering unrestricted access state).
If you confirm these state message changes exist in the log file, the client is successfully remediated. If these state message changes are not present, the client is not successfully remediated.
See Also
Did you find this information useful? Please click the following link to send your suggestions and comments about the documentation to the Configuration Manager Doc Feedback alias:
SMSdocs@microsoft.com.