Export (0) Print
Expand All

Network Access Protection Commands for NPS

Updated: February 8, 2008

Applies To: Windows Server 2008

This section contains the following commands.

For information on how to interpret netsh command syntax, see Formatting Legend.

The following entries provide details for each command.

Adds one or more servers to the specified remediation server group.

add remediationserver [ remediationservergroup = ] remediationservergroup [ address = ] address [ [ name = ] name ]

remediationservergroup
Required. Specifies the name of the remediation server group to which you want to add servers.

address
Required. Specifies the Fully Qualified Domain Name (FQDN) or IP address Of the remediation server that you want to add.

name
Optional. Specifies the friendly name of the remediation server that you want to add.

The following example adds a remediation server with the FQDN Server1.adatum.com to a remediation server group named Servers1. The friendly name for the server is Seattle Remediation server.

add remediationserver remediationservergroup = "Servers1" address = "Server1.adatum.com" name = "Seattle Remediation server"

Adds a remediation server group to the NPS server configuration.

add remediationservergroup [ name = ] name

name
Required. Specifies the name of the remediation server group that you want to add to the Network Policy Server (NPS) configuration.

Adds a system health validator (SHV) template, also called a health policy, to the NPS server configuration.

add shvtemplate [ name = ] name [ [ id = ] id [ config = ] ALLMUSTPASS | ALLMUSTFAIL | ONEMUSTPASS | ONEMUSTFAIL ]

name
Required. Specifies the friendly name of the health policy.

id
Optional. Specifies one or more valid SHV IDs separated by a comma. If no ID is specified, all SHVs are selected.

config
Optional. Specifies the amount of SHVs that must pass or fail for the conditions of the network policy to be matched. If ALLMUSTPASS is designated, all SHVs configured in the health policy must pass for the conditions of the network policy to be matched. If ALLMUSTFAIL is designated, all SHVs configured in the health policy must fail for the conditions of the network policy to be matched. If ONEMUSTPASS is designated, one SHV configured in the health policy must pass for the conditions of the network policy to be matched. If ONEMUSTFAIL is designated, one SHV configured in the health policy must fail for the conditions of the network policy to be matched. The default is ALLMUSTPASS.

In the following example, a health policy named HealthPolicy1 is added to the NPS server configuration.

add shvtemplate name = "HealthPolicy1"

In Windows Server 2008 R2, this Netsh command is modified from the version in Windows Server 2008, and might provide different functionality. For more information, see Netsh Commands for Network Policy Server in Windows Server 2008 R2

Deletes one or more servers from the specified remediation server group.

delete remediationserver [ remediationservergroup = ] remediationservergroup [ address = ] address [ [ name = ] name ]

remediationservergroup
Required. Specifies the name of the remediation server group from which you want to delete a server.

address
Required. Specifies the FQDN or IP address of the remediation server that you want to delete.

name
Optional. Specifies the friendly name of the remediation server that you want to delete.

Deletes a remediation server group.

delete remediationservergroup [ name = ] name

name
Required. Specifies the name of the remediation server group that you want to delete from the NPS server configuration.

Deletes the specified health policy (also called an SHV template).

delete shvtemplate [ name = ] name

name
Required. Specifies the friendly name of the health policy that you want to delete.

Specifies a new Fully Qualified Domain Name (FQDN) or IP address for an existing remediation server that is a member of an existing remediation server group.

rename remediationserver [remediationservergroup = ] remediationservergroup [ address = ] address [ newaddress = ] newaddress

remediationservergroup
Required. Specifies the name of the remediation server group that contains the remediation server that you want to rename.

address
Required. Specifies the FQDN or the IP address of the remediation server that you want to rename.

newaddress
Required. Specifies the new FQDN or IP address of the remediation server that you want to rename.

The following example changes the name of the remediation server Server1.adatum.com in the remote remediation server group Servers1 to Remediation-01.adatum.com.

rename remediationserver remediationservergroup = "Servers1" address = "Server1.adatum.com" newaddress = "Remediation-01.adatum.com"

Renames the specified remediation server group.

rename remediationservergroup [ name = ] name [newname =] new name

name
Required. Specifies the name of the remediation server group that you want to rename.

newname
Required. Specifies the new name for the remediation server group.

The following example changes the name of a remediation server group from Servers1 to Servers2.

rename remediationservergroup name = Servers1 newname = Servers2

Renames an existing health policy (also called an SHV template).

rename shvtemplate [ name = ] name [ newname = ] new name

Parameters

name
Required. Specifies the existing name of the health policy.

newname
Required. Specifies the new name for the health policy.

The following example changes the name of a health policy from HealthPolicy1 to HealthPolicy2.

rename shvtemplate name = "HealthPolicy1" newname = "HealthPolicy2"

Resets a remediation server in the remediation server group that you specify.

reset remediationserver [ remediationservergroup = ] remediationservergroup

remediationservergroup
Required. Specifies the name of the remediation server group that contains the remediation server that you want to reset.

Resets a remediation server group.

reset remediationservergroup

Resets the SHV configuration.

reset shv

Resets the health policy configuration.

reset shvtemplate

Modifies the configuration of a remediation server in the specified remediation server group.

set remediationserver [ remediationservergroup = ] remediationservergroup [ address = ] address [ [ name = ] name ]

remediationservergroup
Required. Specifies the name of the remediation server group to which you want to add servers.

address
Required. Specifies the FQDN or IP address of the remediation server that you want to add.

name
Optional. Specifies the friendly name of the remediation server that you want to add.

Modifies the system health validator configuration.

set shv [ id = ] id [ [ unreachablepolicyserver = ] NONCOMPLIANT | COMPLIANT [ unreachableremediationserver = ] NONCOMPLIANT | COMPLIANT [ shafailure = ] NONCOMPLIANT | COMPLIANT [ napserverfailure = ] NONCOMPLIANT | COMPLIANT [ othererrors = ] NONCOMPLIANT | COMPLIANT ]

id
Required. Specifies the ID number of the SHV.

unreachablepolicyserver
Optional. Specifies the error that is returned when the SHV's policy server cannot be contacted. If you specify NONCOMPLIANT, the NAP client is treated as noncompliant. If you specify COMPLIANT, the NAP client is treated as compliant. The default is NONCOMPLIANT.

unreachableremediationserver
Optional. Specifies the error that is returned when the system health agent (SHA) cannot contact the remediation server and cannot successfully update a noncompliant NAP client. If you specify NONCOMPLIANT, the NAP client is treated as noncompliant. If you specify COMPLIANT, the NAP client is treated as compliant. The default is NONCOMPLIANT.

shafailure
Optional. Specifies the error that is returned when the SHA has an internal failure. If you specify NONCOMPLIANT, the NAP client is treated as noncompliant. If you specify COMPLIANT, the NAP client is treated as compliant. The default is NONCOMPLIANT.

napserverfailure
Optional. Specifies the error that is returned when the NAP server produces an internal failure. If you specify NONCOMPLIANT, the NAP client is treated as noncompliant. If you specify COMPLIANT, the NAP client is treated as compliant. The default is NONCOMPLIANT.

othererrors
Optional. Specifies all other errors in the NAP infrastructure. If you specify NONCOMPLIANT, the NAP client is treated as noncompliant. If you specify COMPLIANT, the NAP client is treated as compliant. The default is NONCOMPLIANT.

The following example sets an SHV with the ID of 79744.

set shv id = "79744"

Changes the value of one or more properties of an existing health policy. Values specified by this command overwrite the existing values.

set shvtemplate [ name = ] name [ [ id = ] id [ config = ] ALLMUSTPASS | ALLMUSTFAIL | ONEMUSTPASS | ONEMUSTFAIL ]

name
Required. Specifies the friendly name of the health policy.

id
Optional. Specifies one or more valid SHV IDs separated by a comma. If no ID is specified, all SHVs are selected.

config
Optional. Specifies the amount of SHVs that must pass or fail for the conditions of the network policy to be matched. If ALLMUSTPASS is designated, all SHVs configured in the health policy must pass for the conditions of the network policy to be matched. If ALLMUSTFAIL is designated, all SHVs configured in the health policy must fail for the conditions of the network policy to be matched. If ONEMUSTPASS is designated, one SHV configured in the health policy must pass for the conditions of the network policy to be matched. If ONEMUSTFAIL is designated, one SHV configured in the health policy must fail for the conditions of the network policy to be matched. The default is ALLMUSTPASS.

In Windows Server 2008 R2, this Netsh command is modified from the version in Windows Server 2008, and might provide different functionality. For more information, see Netsh Commands for Network Policy Server in Windows Server 2008 R2

Displays the Network Access Protection (NAP) configuration of the specified server.

show napserverinfo

Displays the properties of the remediation servers in the specified group.

[ remediationservergroup = ] remediationservergroup

Remediationservergroup
Required. Specifies the name of the remediation server group in which the server(s) reside.

Displays the remediation server groups and the servers configured within each group.

show remediationservergroup

Displays all of the system health validators (SHVs) that are registered in NPS.

show shv

Displays all health policies.

show shvtemplate

See Also

Was this page helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft