I’m testing NAP with DHCP configurations and ran into a strange issue. My first tests had the network policy server installed on the same server as the DHCP role, similar to every other guide I’ve seen.
When testing this with DHCP on a different server than NPS, the configuration didn’t work correctly at all.
The missing piece? A connection request policy to send authentication requests to NPS (this would have been apparent had I read TechNet closely enough, see here: https://technet.microsoft.com/en-us/library/dd125315%28v=ws.10%29.aspx )
In any event, you want to create a connection request policy with the following settings:
- Type of network access server: DHCP server
- Conditions: Can be anything, but the interface will make you specify something. Since this was a test, I simply used “day and time restrictions” and set for 24/7.
- Forward requests to the following remote RADIUS server group for authentication: Select a configured group with the NPS server in it.
Again, a case of RTFM, but I did bang my head on the wall for about 30 minutes troubleshooting. I’m not sold on Microsoft’s NAP overall, but that is a topic for a different post.