Information Technology Reference
In-Depth Information
FIGURE 4-45
The Add New Server dialog box
10.
You can now use this Remediation Server Group in network policies to allow
non-compliant clients to correct the problem and return to compliance.
To create an NPS Remediation Server Group and add an NPS Remediation Server to it, use
the New-NpsRemediationServerGroup and New-NpsRemediationServer cmdlets; for example:
New-NpsRemediationServerGroup -Name "RemGroup1"
New-NpsRemediationServer -RemediationServerGroup "RemGroup1" -Address "192.168.10.1"
To isolate the noncompliant clients, you need to configure a noncompliant NAP policy, as
described in the earlier section, “Configuring network policies for VPN clients.” The process is
similar for both VPN and DHCP policies. To create a new noncompliant network policy, follow
these steps:
Right-click Network Policies in the Policies folder of the console tree.
1.
Select New to open the New Network Policy Wizard.
2.
Enter a Policy Name, such as
NAP Noncompliant
.
3.
Select the type of Network Access Server, such as DHCP Server or Remote Access
Server (VPN-Dial-up).
4.
Click Next to open the Specify Conditions page and click Add to add policy conditions.
5.
Scroll down and select Health Policies and click Add to open the Health Policies dialog
box shown in Figure 4-46.
6.
