"Sam" <(E-Mail Removed)> wrote in
news:(E-Mail Removed):
> Hi James -
>
> Thanks for the suggestion. I realize NAP doesn't work on XP which was
> the root of my question, I would like my XP client to still be able to
> recieve an IP from my DHCP server. I disabled NAP at the root level
> and enabled it on my NAP scope only which is on a 192.168.0.0\24
> range. For testing I created a 2nd scope (192.168.1.1\24) amd left
> NAP disabled. My XP or any other none-NAP supported client will not
> recieve an IP.
>
> Again, not sure if this is due to a DHCP configiration or NAP
> configiration. My goal is to have one DHCP server and one scope (all
> on same VLAN) that services all clients whether NAP enabled or not.
>
> Thank you.
>
>
> "James McIllece [MS]" <(E-Mail Removed)> wrote in message
> news:Xns9979B66117BFEjamesmcionlinemicros@207.46.2 48.16...
>> "Sam" <(E-Mail Removed)> wrote in
>> news:(E-Mail Removed):
>>
>>> Not sure if this is the right group for this so if not, can someone
>>> point me to the right one...
>>>
>>> In a test lab I deployed a Domain with an NPS server (DHCP NAP
>>> Enforcement), a DHCP server with the followiing Scope (192.168.0.10
>>> - .20\24) with NAP enabled on the scope, a VISTA client and an XP
>>> client. I enabled the NAP client on VISTA client, XP has no client.
>>> My VISTA client recieves a dynamic IP as it's supposed to but my XP
>>> client will not. Once I disable NAP for the scope, XP is able to
>>> get an IP. Enable NAP again, no IP for XP.
>>>
>>> That said, when I try to add a 2nd scope in hopes of servicing
>>> machines in the lab with out the NAP client (SCOPE IP - 192.168.0.30
>>> - 50\24) I recieve a conflict error with the first scope. Do I need
>>> to set up a 2nd DHCP server and enable the 2nd scope there? Is
>>> there a way to make this one DHCP server service all machines with
>>> an IP, regardless of NAP client and while maintaining NAP enabled on
>>> my first scope? Is this something to configure with DHCP or with in
>>> NAP?
>>>
>>> Thank you - SD
>>>
>>>
>>>
>>
>> For the first issue, XP doesn't support NAP, only Vista does.
>>
>> For the second issue, it sounds like you have enabled NAP for all
>> scopes. Disable NAP for all scopes, then for individual scopes that
>> you want to use
>> to enforce NAP, enable NAP enforcement on a scope by scope basis.
>>
>> --
>> James McIllece, Microsoft
>>
>> Please do not send email directly to this alias. This is my online
>> account
>> name for newsgroup participation only.
>>
>> This posting is provided "AS IS" with no warranties, and confers no
>> rights.
>
>
>
OK, so in this case you would handle the situation using network policy.
Create a network policy for non-NAP capable clients that allows them access
in addition to a network policy that processes connections for NAP capable
clients.
I believe that this whitepaper will assist:
"Network Access Protection Policies in Windows Server 2008" at
http://www.microsoft.com/downloads/d...8e47649e-962c-
42f8-9e6f-21c5ccdcf490&displaylang=en
This one might also help:
"Step-by-Step Guide: Demonstrate DHCP NAP Enforcement in a Test Lab" at
http://www.microsoft.com/downloads/d...ac38e5bb-18ce-
40cb-8e59-188f7a198897&displaylang=en
--
James McIllece, Microsoft
Please do not send email directly to this alias. This is my online account
name for newsgroup participation only.
This posting is provided "AS IS" with no warranties, and confers no rights.
Similar Threads
Linear Mode
