Information Technology Reference
In-Depth Information
TABLE 4-2
Network policy conditions
Condition
Description
Windows Groups
The connecting user or computer must belong to one of the specified
groups.
Machine Groups
The connection computer must belong to one of the specified groups.
User Groups
The connecting user must belong to one of the specified groups
HCAP Location Groups
Specifies the HCAP location groups that match the policy.
HCAP User Groups
Specifies the HCAP user groups that match the policy.
Day and Time Restrictions
Limits the policy to only permit or only deny access during specified
time periods.
Identity Type
Limits the policy to only those clients identified by the specified
mechanism, typically a NAP statement of health (SoH).
MS-Service Class
The connecting computer must have an IP address from a DHCP scope
that matches the specified profile name.
Health policy
The connecting computer must meet the health criteria in the specified
health policy
NAP-Capable Computers
The connecting computer either is or is not a NAP-capable computer.
Operating System
The connecting computer meets the specified operating system
criteria. Criteria can include version, service pack, role (client or server),
architecture, and build number.
Policy Expiration
Specifies when the policy expires and is no longer evaluated by NPS.
Access Client IPv4 Address
Limits the policy to Access Clients with an IPv4 address matching the
policy. (Pattern matching supported.)
Access Client IPv6 Address
Limits the policy to Access Clients with an IPv6 address matching the
policy. (Pattern matching supported.)
Authentication Type
Specifies the authentication methods that can be used to meet the
policy.
Allowed EAP Types
Specifies the EAP types that are allowed for client computer
authentication.
Framed Protocol
Limits the policy to clients using specific framing protocols for
incoming packets. Typical framing protocols include PPP and SLIP.
Service Type
Limits the policy to those clients requesting the specified service.
Tunnel Type
Limits the policy to those clients whose tunnel type matches the policy.
Typical tunnel types include PPTP, SSTP, and L2TP.
Calling Station ID
Limits the policy to access clients that dialed in to a specific phone
number. (Pattern matching supported.)
Client Friendly Name
Limits the policy to clients whose friendly name matches the condition.
(Pattern matching supported.)
