Access Request Was Discarded

Applies To: Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2

In a Network Access Protection (NAP) deployment, this problem typically occurs if Network Policy Server (NPS) cannot contact the accounting destination.

Description of system behavior

The behavior of NAP client computers whose network access requests are discarded will depend on the type of NAP enforcement method used.

  • With IPsec enforcement, client computers will not be issued a NAP health certificate.

  • With 802.1X enforcement, client computers will fail 802.1X authentication and might have guest access properties applied to the connection.

  • With VPN enforcement, the VPN connection will be terminated.

  • With DHCP enforcement, the client computer will not acquire a DHCP-issued IP address configuration.

Associated operating system events

  • NPS event ID 6274: Network Policy Server discarded the request for a user.

Root cause diagnosis and resolution

When you configure SQL Server logging on NPS, you can choose to log to the local computer or to a remote computer. If you choose to log to a remote computer and the network connection to this computer is broken, or if the SQL Server database configuration is invalid, NPS will fail to authenticate incoming network access requests.

NPS cannot contact the accounting destination

NPS will attempt to log the following types of RADIUS packets to an accounting destination: access request, access accept, access reject, and accounting requests. If NPS is unable to log these RADIUS packets to a local or remote database, it will not log any RADIUS packets and will deny all network access requests.

Resolution

To repair this problem, remove SQL Server logging, configure logging to the local computer, or restore the remote SQL Server database connection.

Membership in the local Administrators group, or equivalent, is the minimum required to complete this procedure. Review details about using the appropriate accounts and group memberships at Local and Domain Default Groups (https://go.microsoft.com/fwlink/?LinkId=83477).

To repair this problem

  1. On a server running NPS, click Start, click Run, type nps.msc, and press ENTER.

  2. In the NPS console tree, click Accounting, and then click Configure SQL Server Logging.

  3. Click Configure, and attempt to repair the connection to the SQL Server database that is displayed.

  4. If you cannot repair the connection to the SQL Server database, click Cancel, click Clear, and then click OK. This will disable SQL Server logging and restore the ability of NPS to process incoming client access requests.