Event ID 1014 — WSHA Client Remediation

Applies To: Windows Server 2008 R2

Remediation refers to the act or process of correcting a client configuration or software state that is not compliant with network health requirements. If Network Access Protection (NAP) policies are configured for automatic remediation, the Windows Security Health Agent (WSHA) will attempt to modify the client configuration to bring it into compliance with network health requirements.

For the WSHA, remediation of a client computer configuration depends on health requirements specified by the Windows Security Health Validator (WSHV) and the access of client computers to resources required to update and maintain their configuration to meet requirements of the WSHV.

Event Details

Product: Windows Operating System
ID: 1014
Source: Microsoft-Windows-SystemHealthAgent
Version: 6.1
Symbolic Name: MSSHA_EVENT_FW_REMEDIATION_FAIL
Message: Automatic remediation for firewall failed. Windows could not turn on Windows Firewall.
Failure Code: %1

Resolve

Enable the Windows Firewall service

This error condition indicates that the Windows Firewall service is not running. To resolve this condition, enable this service.

To perform this procedure, you must be a member of the Administrators group, or you must have been delegated the appropriate authority.

To enable the Windows Firewall service for automatic startup and start the service:

  1. On the NAP client computer, click Start, click Run, type services.msc, and then press ENTER.
  2. In the console tree, double-click Windows Firewall.
  3. In the Windows Update Properties window, next to Startup type, choose Automatic.
  4. Under Service status, click Start.
  5. If the service has been started successfully, the service status will be displayed as Started. Click OK.

Verify

To verify that remediation was successful and the client computer is compliant with requirements of the WSHV:

  1. On the NAP client computer, click Start, point to All Programs, click Accessories, and then click Command Prompt.
  2. In the command window, type netsh nap client show state, and then press ENTER.
  3. In the command output, under System health agent (SHA) state, locate Windows Security Health Agent.
  4. Verify that the value of Remediation state is Success and not Could not update.
  5. Verify that the value of Fixup Message is The Windows Security Health Agent has finished updating its security state and not The Windows Security Health Agent failed to update the security state of this computer.

WSHA Client Remediation

NAP Infrastructure