Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
HRA groups can be set by group policy or can be discovered automatically by the NAP client using DNS SRV lookup, as specified in [RFC2782]. A NAP client discovers a suitable HRA at start-up using the following sequence:
Query SRV records for HRAs in the Active Directory site of the client (for example, _hra._tcp.<sitename>._sites.<domainname>)
Query SRV records for HRAs in the Active Directory domain of the client (for example, _hra._tcp.<domainname>)
Query SRV records for HRAs in the DNS domain of the client (for example, _hra._tcp.<DNSname>)
To enable HRA auto discovery, a registry setting entry MUST be represented in the machine-specific Registry Policy file as follows:
Key: Software\Policies\Microsoft\NetworkAccessProtection\ClientConfig\Enroll\HcsGroups
Value: "EnableDiscovery" or one of the value names specified in the table in [MS-GPREG] section 3.2.5.1 specifying how the value is deleted.
Type: REG_DWORD.
Size: Equal to the size of the Data field.
Data: A 32-bit unsigned integer.
Value |
Meaning |
---|---|
0x00000000 |
Disables HRA auto discovery. |
0x00000001 |
Enables HRA auto discovery. |