Access Requests Are Not Logged
Updated: March 29, 2012
Applies To: Windows Server 2008, Windows Server 2008 R2, Windows Server 2012
This problem can occur if audit policy for success and failure events is disabled. To repair the problem, enable auditing for success and failure events.
No access request events are observed on Network Policy Server (NPS). Clients continue to be processed by NPS and access request messages continue to be recorded in text logs on NPS. However, no events are generated in Event Viewer.
You can review the audit policy settings on NPS by typing auditpol /get /subcategory:”Network Policy Server” at the command line. If audit policy is not configured properly, you might not see NAP client access request events. This can make troubleshooting difficult. For more information, see Audit Policy (http://go.microsoft.com/fwlink/?LinkId=136751).
If audit policy is not configured to display success and failure events, then Network Access Protection (NAP) client access requests will not be displayed in Event Viewer.
To repair this problem, enable success and failure events in audit policy.
Membership in the local Administrators group, or equivalent, is the minimum required to complete this procedure. Review details about using the appropriate accounts and group memberships at Local and Domain Default Groups (http://go.microsoft.com/fwlink/?LinkId=83477).
On a server running NPS, click Start, right-click Command Prompt, and then click Run as administrator.
At the command prompt, type auditpol /set /subcategory:"Network Policy Server" /success:enable /failure:enable, and press ENTER.