Announcement

Collapse
No announcement yet.

setting up NAP help

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • setting up NAP help

    I have had the worst week ever. The time taken to setup a WS2008 box as a DC/AD/DNS and a couple of virtual machines PLUS trying to restore back all my files/data for a HDD that unfortunately died on me. such a pain and so very little sleep.

    I spent over 27 hours trying to get NAP work - I fail at this and no idea where to go. PLEASE HELP.

    OK, I have a router which is my internet router and DHCP is enabled.
    After much headache, I was able to get my virtual machine to see my main computer (WS200 as a domain. I had to however change the DNS on the WS2008 to point to itself. no problem, done, and computer is added to the domain.

    I enabled NAP service in Windows 7/Vista.
    I disabled the firewall.

    on WS2008 I installed NAP, tried to create a policy where a complaint computer is where only Windows firewall is switched on. I also made a noncompliant policy where access is denied if they do not have windows firewall enabled.


    This however does not seem to work as expected. watching some videos online/pictures, I would expect to see a balloon notification on the client (Win7/Vista) to say that the computer is not complaint with the network, I would then also see it enable the firewall automatically - this never happens. everything continues as normal.

    Where am I going wrong? Please can some one give me a step by step detail on how to make NAP/NPS work properly as I have other things I need to do for NAP but cannot even get it up and running
    Thank-you for your time

  • #2
    Re: setting up NAP help

    You might read this to see where you go wrong:
    http://www.microsoft.com/Downloads/d...displaylang=en
    http://blogs.technet.com/teamdhcp/ar...hcp-scope.aspx
    Marcel
    Technical Consultant
    Netherlands
    http://www.phetios.com
    http://blog.nessus.nl

    MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
    "No matter how secure, there is always the human factor."

    "Enjoy life today, tomorrow may never come."
    "If you're going through hell, keep going. ~Winston Churchill"

    Comment


    • #3
      Re: setting up NAP help

      Thank-you fellow MVP
      I will take a look at this now and hopefully get started again.

      Question is.... is there a way of making this work without me installing DHCP role and just use the internet router's own DHCP?

      Comment


      • #4
        Re: setting up NAP help

        I have successfully been able to get everything up and running except for this portion in the document:

        Verify Group Policy settings


        unfortunately, nothing shows in the netsh nap client show grouppolicy!

        C:\Users\User1>netsh nap client show grouppolicy
        NAP client configuration (group policy):
        ----------------------------------------------------
        NAP client configuration:
        ----------------------------------------------------



        any ideas what I could be doing wrong?

        Comment


        • #5
          Re: setting up NAP help

          And you have created the group policy and rebooted the client?
          Marcel
          Technical Consultant
          Netherlands
          http://www.phetios.com
          http://blog.nessus.nl

          MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
          "No matter how secure, there is always the human factor."

          "Enjoy life today, tomorrow may never come."
          "If you're going through hell, keep going. ~Winston Churchill"

          Comment


          • #6
            Re: setting up NAP help

            correct. I seemed to have corrected the problem - I saw that the DHCP Enforcement quarentine was disabled again for some reason on the DC but thats all fine and enabled now, was then able to do gpupdate /force on the client - all is working now!

            Thanks so much.

            Maybe you can help me with this last step I am trying to do which is using the Windows SDK for NAP (WS2008 SDK) - how do I get it to run and register the SDK plugin and make the plugin work for the server and client? Any clues/ideas?

            Comment

            Working...
            X