This management pack monitors the Network Policy and Access server (NPS) role on Windows Server 2008/2012 (R2).
- 188.8.131.52 – Created a custom data source module to consolidate repeating event based on the “Trigger on Count, Sliding” module. The following rule is configured with the custom data source: “NPS: Authentication failed and the user was denied access”
- 184.108.40.206 – Changed the “Network Policy Servers Discovery” back to discover only Server 2008 (R2) servers and renamed the discovery to “Network Policy Servers 2008 Discovery”. Added a new discovery “Network Policy Servers 2012 Discovery” to discover NPS on Server 2012 (R2).
(Note: The MP is not tested by me on a 2012 NPS Server)
The first discovery is targeted to all Windows Server to determine if NPS role is installed or not. The discovery checks for existence of registry key HKLM\System\CurrentControlSet\Services\IAS.
Scripted configuration discovery
If the NPS role is installed there are 4 scripted discoveries to discover the configuration:
- Network Policy Server Client Configuration Discovery (netsh nps show client)
- Network Policy Server Connection Request Policy Configuration (netsh nps show crp)
- Network Policy Server Connection Network Policy Configuration (netsh nps show np)
- Network Policy Server Log Configuration Discovery