NAP Client Health Status
Applies To: Windows Server 2008
When Network Policy Server (NPS) is configured as a Network Access Protection (NAP) policy server, health policy and client computer configuration determine whether NAP-capable client computers are allowed full network access, full network access for a limited time, or limited access to a restricted network only. This determination is made based on the health policy created in NPS. NAP client computers that comply with health policies are allowed full network access.
Events
| Event ID | Source | Message |
|---|---|---|
Microsoft-Windows-Security-Auditing |
Network Policy Server quarantined a user. Contact the Network Policy Server administrator for more information. User: %tSecurity ID:%t%t%t%1 %tAccount Name:%t%t%t%2 %tAccount Domain:%t%t%t%3 %tFully Qualified Account Name:%t%4 Client Machine: %tSecurity ID:%t%t%t%5 %tAccount Name:%t%t%t%6 %tFully Qualified Account Name:%t%7 %tOS-Version:%t%t%t%8 %tCalled Station Identifier:%t%t%9 %tCalling Station Identifier:%t%t%10 NAS: %tNAS IPv4 Address:%t%t%11 %tNAS IPv6 Address:%t%t%12 %tNAS Identifier:%t%t%t%13 %tNAS Port-Type:%t%t%t%14 %tNAS Port:%t%t%t%15 RADIUS Client: %tClient Friendly Name:%t%t%16 %tClient IP Address:%t%t%t%17 Authentication Details: %tProxy Policy Name:%t%t%18 %tNetwork Policy Name:%t%t%19 %tAuthentication Provider:%t%t%20 %tAuthentication Server:%t%t%21 %tAuthentication Type:%t%t%22 %tEAP Type:%t%t%t%23 %tAccount Session Identifier:%t%t%24 Quarantine Information: %tResult:%t%t%t%t%25 %tExtended-Result:%t%t%t%26 %tSession Identifier:%t%t%t%27 %tHelp URL:%t%t%t%28 %tSystem Health Validator Result(s):%t%29 |
|
Microsoft-Windows-Security-Auditing |
Network Policy Server granted access to a user but put it on probation because the host did not meet the defined health policy. Contact the Network Policy Server administrator for more information. User: %tSecurity ID:%t%t%t%1 %tAccount Name:%t%t%t%2 %tAccount Domain:%t%t%t%3 %tFully Qualified Account Name:%t%4 Client Machine: %tSecurity ID:%t%t%t%5 %tAccount Name:%t%t%t%6 %tFully Qualified Account Name:%t%7 %tOS-Version:%t%t%t%8 %tCalled Station Identifier:%t%t%9 %tCalling Station Identifier:%t%t%10 NAS: %tNAS IPv4 Address:%t%t%11 %tNAS IPv6 Address:%t%t%12 %tNAS Identifier:%t%t%t%13 %tNAS Port-Type:%t%t%t%14 %tNAS Port:%t%t%t%15 RADIUS Client: %tClient Friendly Name:%t%t%16 %tClient IP Address:%t%t%t%17 Authentication Details: %tProxy Policy Name:%t%t%18 %tNetwork Policy Name:%t%t%19 %tAuthentication Provider:%t%t%20 %tAuthentication Server:%t%t%21 %tAuthentication Type:%t%t%22 %tEAP Type:%t%t%t%23 %tAccount Session Identifier:%t%t%24 Quarantine Information: %tResult:%t%t%t%t%25 %tExtended-Result:%t%t%t%26 %tSession Identifier:%t%t%t%27 %tHelp URL:%t%t%t%28 %tSystem Health Validator Result(s):%t%29 %tQuarantine Grace Time:%t%t%30 |
|
Microsoft-Windows-Security-Auditing |
Network Policy Server granted full access to a user because the host met the defined health policy. User: %tSecurity ID:%t%t%t%1 %tAccount Name:%t%t%t%2 %tAccount Domain:%t%t%t%3 %tFully Qualified Account Name:%t%4 Client Machine: %tSecurity ID:%t%t%t%5 %tAccount Name:%t%t%t%6 %tFully Qualified Account Name:%t%7 %tOS-Version:%t%t%t%8 %tCalled Station Identifier:%t%t%9 %tCalling Station Identifier:%t%t%10 NAS: %tNAS IPv4 Address:%t%t%11 %tNAS IPv6 Address:%t%t%12 %tNAS Identifier:%t%t%t%13 %tNAS Port-Type:%t%t%t%14 %tNAS Port:%t%t%t%15 RADIUS Client: %tClient Friendly Name:%t%t%16 %tClient IP Address:%t%t%t%17 Authentication Details: %tProxy Policy Name:%t%t%18 %tNetwork Policy Name:%t%t%19 %tAuthentication Provider:%t%t%20 %tAuthentication Server:%t%t%21 %tAuthentication Type:%t%t%22 %tEAP Type:%t%t%t%23 %tAccount Session Identifier:%t%t%24 Quarantine Information: %tResult:%t%t%t%t%25 %tExtended-Result:%t%t%t%26 %tSession Identifier:%t%t%t%27 %tHelp URL:%t%t%t%28 %tSystem Health Validator Result(s):%t%29 |