Export (0) Print
Expand All

NAP Clients Are Not Reported as Infected

Updated: March 29, 2012

Applies To: Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2

This problem occurs if a system health agent (SHA) does not provide extended state information in the statement of health (SoH).

You can configure a noncompliant health policy to restrict the access of Network Access Protection (NAP) client computers that are infected with a virus by selecting the Client reported as infected by one or more SHVs SHV check. However, this SHV check will match a client access request only if the client is infected and an installed SHA supports the use of extended state information. If the SHA does not provide this information, then the client will not match the noncompliant health policy.

  • NPS event ID 6278: Network Policy Server granted full access to a user because the host met the defined health policy.

In order to evaluate infected client computers as noncompliant and restrict their network access, you must install an antivirus SHA that supports extended state information.

Was this page helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft