Export (0) Print
Expand All
1 out of 1 rated this helpful - Rate this topic

Create an IPsec NAP Exemption Group

Updated: February 29, 2012

Applies To: Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2

To exempt computers from NAP health checks when you use NAP with IPsec enforcement, you can autoenroll members of a security group with NAP exemption certificates. To autoenroll exempted computers, create a NAP exemption certificate template and grant enroll and autoenroll permissions to the IPsec NAP exemption group created in this procedure. For more information, see Create Health Certificate Templates.

Membership in the local Domain Admins group, or equivalent, is the minimum required to complete this procedure. Review details about using the appropriate accounts and group memberships at Local and Domain Default Groups (http://go.microsoft.com/fwlink/?LinkId=83477).

Use the following procedure to create a NAP exemption group.

  1. On a domain controller, click Start, point to Administrative Tools, and then click Active Directory Users and Computers.

  2. In the Active Directory Users and Computers console tree, right-click the domain name (for example, Woodgrovebank.local), point to New, and then click Group.

  3. Under Group Name, type IPsec NAP Exemption, and then click OK.

  4. Leave the Active Directory Users and Computers console open for the following procedure.

  1. In the Active Directory Users and Computers console tree, click the domain name (for example, Woodgrovebank.local).

  2. In the details pane, right-click IPsec NAP Exemption, and then click Properties.

  3. Click the Members tab, click Add, click Object Types, select Computers, and then click OK.

  4. Under Enter the object names to select, type the name of the computer or group you want to exempt, and then click OK twice.

  5. Close the Active Directory Users and Computers console.

See Also

Did you find this helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft. All rights reserved.