Partager via


NAP Client Health Status

Applies To: Windows Server 2008

When Network Policy Server (NPS) is configured as a Network Access Protection (NAP) policy server, health policy and client computer configuration determine whether NAP-capable client computers are allowed full network access, full network access for a limited time, or limited access to a restricted network only. This determination is made based on the health policy created in NPS. NAP client computers that comply with health policies are allowed full network access.

Events

Event ID Source Message

6276

Microsoft-Windows-Security-Auditing

Network Policy Server quarantined a user.

Contact the Network Policy Server administrator for more information.

User:
%tSecurity ID:%t%t%t%1
%tAccount Name:%t%t%t%2
%tAccount Domain:%t%t%t%3
%tFully Qualified Account Name:%t%4

Client Machine:
%tSecurity ID:%t%t%t%5
%tAccount Name:%t%t%t%6
%tFully Qualified Account Name:%t%7
%tOS-Version:%t%t%t%8
%tCalled Station Identifier:%t%t%9
%tCalling Station Identifier:%t%t%10

NAS:
%tNAS IPv4 Address:%t%t%11
%tNAS IPv6 Address:%t%t%12
%tNAS Identifier:%t%t%t%13
%tNAS Port-Type:%t%t%t%14
%tNAS Port:%t%t%t%15

RADIUS Client:
%tClient Friendly Name:%t%t%16
%tClient IP Address:%t%t%t%17

Authentication Details:
%tProxy Policy Name:%t%t%18
%tNetwork Policy Name:%t%t%19
%tAuthentication Provider:%t%t%20
%tAuthentication Server:%t%t%21
%tAuthentication Type:%t%t%22
%tEAP Type:%t%t%t%23
%tAccount Session Identifier:%t%t%24

Quarantine Information:
%tResult:%t%t%t%t%25
%tExtended-Result:%t%t%t%26
%tSession Identifier:%t%t%t%27
%tHelp URL:%t%t%t%28
%tSystem Health Validator Result(s):%t%29

6277

Microsoft-Windows-Security-Auditing

Network Policy Server granted access to a user but put it on probation because the host did not meet the defined health policy.

Contact the Network Policy Server administrator for more information.

User:
%tSecurity ID:%t%t%t%1
%tAccount Name:%t%t%t%2
%tAccount Domain:%t%t%t%3
%tFully Qualified Account Name:%t%4

Client Machine:
%tSecurity ID:%t%t%t%5
%tAccount Name:%t%t%t%6
%tFully Qualified Account Name:%t%7
%tOS-Version:%t%t%t%8
%tCalled Station Identifier:%t%t%9
%tCalling Station Identifier:%t%t%10

NAS:
%tNAS IPv4 Address:%t%t%11
%tNAS IPv6 Address:%t%t%12
%tNAS Identifier:%t%t%t%13
%tNAS Port-Type:%t%t%t%14
%tNAS Port:%t%t%t%15

RADIUS Client:
%tClient Friendly Name:%t%t%16
%tClient IP Address:%t%t%t%17

Authentication Details:
%tProxy Policy Name:%t%t%18
%tNetwork Policy Name:%t%t%19
%tAuthentication Provider:%t%t%20
%tAuthentication Server:%t%t%21
%tAuthentication Type:%t%t%22
%tEAP Type:%t%t%t%23
%tAccount Session Identifier:%t%t%24

Quarantine Information:
%tResult:%t%t%t%t%25
%tExtended-Result:%t%t%t%26
%tSession Identifier:%t%t%t%27
%tHelp URL:%t%t%t%28
%tSystem Health Validator Result(s):%t%29
%tQuarantine Grace Time:%t%t%30

6278

Microsoft-Windows-Security-Auditing

Network Policy Server granted full access to a user because the host met the defined health policy.

User:
%tSecurity ID:%t%t%t%1
%tAccount Name:%t%t%t%2
%tAccount Domain:%t%t%t%3
%tFully Qualified Account Name:%t%4

Client Machine:
%tSecurity ID:%t%t%t%5
%tAccount Name:%t%t%t%6
%tFully Qualified Account Name:%t%7
%tOS-Version:%t%t%t%8
%tCalled Station Identifier:%t%t%9
%tCalling Station Identifier:%t%t%10

NAS:
%tNAS IPv4 Address:%t%t%11
%tNAS IPv6 Address:%t%t%12
%tNAS Identifier:%t%t%t%13
%tNAS Port-Type:%t%t%t%14
%tNAS Port:%t%t%t%15

RADIUS Client:
%tClient Friendly Name:%t%t%16
%tClient IP Address:%t%t%t%17

Authentication Details:
%tProxy Policy Name:%t%t%18
%tNetwork Policy Name:%t%t%19
%tAuthentication Provider:%t%t%20
%tAuthentication Server:%t%t%21
%tAuthentication Type:%t%t%22
%tEAP Type:%t%t%t%23
%tAccount Session Identifier:%t%t%24

Quarantine Information:
%tResult:%t%t%t%t%25
%tExtended-Result:%t%t%t%26
%tSession Identifier:%t%t%t%27
%tHelp URL:%t%t%t%28
%tSystem Health Validator Result(s):%t%29

NPS Network Access Protection

Network Policy Server Infrastructure