Condividi tramite


Network Access Protection Commands for NPS

Applies To: Windows Server 2008

This section contains the following commands.

  • add remediationserver

  • add remediationservergroup

  • add shvtemplate

  • delete remediationserver

  • delete remediationservergroup

  • delete shvtemplate

  • rename remediationserver

  • rename remediationservergroup

  • rename shvtemplate

  • reset remediationserver

  • reset remediationservergroup

  • reset shv

  • reset shvtemplate

  • set remediationserver

  • set shv

  • set shvtemplate

  • show napserverinfo

  • show remediationserver

  • show remediationservergroup

  • show shv

  • show shvtemplate

For information on how to interpret netsh command syntax, see Formatting Legend.

Network Access Protection commands

The following entries provide details for each command.

add remediationserver

Adds one or more servers to the specified remediation server group.

Syntax

add remediationserver [ remediationservergroup = ] remediationservergroup [ address = ] address [ [ name = ] name ]

Parameters

  • remediationservergroup
    Required. Specifies the name of the remediation server group to which you want to add servers.
  • address
    Required. Specifies the Fully Qualified Domain Name (FQDN) or IP address Of the remediation server that you want to add.
  • name
    Optional. Specifies the friendly name of the remediation server that you want to add.

Example

The following example adds a remediation server with the FQDN Server1.adatum.com to a remediation server group named Servers1. The friendly name for the server is Seattle Remediation server.

add remediationserver remediationservergroup = "Servers1" address = "Server1.adatum.com" name = "Seattle Remediation server"

add remediationservergroup

Adds a remediation server group to the NPS server configuration.

Syntax

add remediationservergroup [ name = ] name

Parameters

  • name
    Required. Specifies the name of the remediation server group that you want to add to the Network Policy Server (NPS) configuration.

add shvtemplate

Adds a system health validator (SHV) template, also called a health policy, to the NPS server configuration.

Syntax

add shvtemplate [ name = ] name [ [ id = ] id [ config = ] ALLMUSTPASS | ALLMUSTFAIL | ONEMUSTPASS | ONEMUSTFAIL ]

Parameters

  • name
    Required. Specifies the friendly name of the health policy.
  • id
    Optional. Specifies one or more valid SHV IDs separated by a comma. If no ID is specified, all SHVs are selected.
  • config
    Optional. Specifies the amount of SHVs that must pass or fail for the conditions of the network policy to be matched. If ALLMUSTPASS is designated, all SHVs configured in the health policy must pass for the conditions of the network policy to be matched. If ALLMUSTFAIL is designated, all SHVs configured in the health policy must fail for the conditions of the network policy to be matched. If ONEMUSTPASS is designated, one SHV configured in the health policy must pass for the conditions of the network policy to be matched. If ONEMUSTFAIL is designated, one SHV configured in the health policy must fail for the conditions of the network policy to be matched. The default is ALLMUSTPASS.

Example

In the following example, a health policy named HealthPolicy1 is added to the NPS server configuration.

add shvtemplate name = "HealthPolicy1"

Remarks

In Windows Server 2008 R2, this Netsh command is modified from the version in Windows Server 2008, and might provide different functionality. For more information, see Netsh Commands for Network Policy Server in Windows Server 2008 R2

delete remediationserver

Deletes one or more servers from the specified remediation server group.

Syntax

delete remediationserver [ remediationservergroup = ] remediationservergroup [ address = ] address [ [ name = ] name ]

Parameters

  • remediationservergroup
    Required. Specifies the name of the remediation server group from which you want to delete a server.
  • address
    Required. Specifies the FQDN or IP address of the remediation server that you want to delete.
  • name
    Optional. Specifies the friendly name of the remediation server that you want to delete.

delete remediationservergroup

Deletes a remediation server group.

Syntax

delete remediationservergroup [ name = ] name

Parameters

  • name
    Required. Specifies the name of the remediation server group that you want to delete from the NPS server configuration.

delete shvtemplate

Deletes the specified health policy (also called an SHV template).

Syntax

delete shvtemplate [ name = ] name

Parameters

  • name
    Required. Specifies the friendly name of the health policy that you want to delete.

rename remediationserver

Specifies a new Fully Qualified Domain Name (FQDN) or IP address for an existing remediation server that is a member of an existing remediation server group.

Syntax

rename remediationserver [remediationservergroup = ] remediationservergroup [ address = ] address [ newaddress = ] newaddress

Parameters

  • remediationservergroup
    Required. Specifies the name of the remediation server group that contains the remediation server that you want to rename.
  • address
    Required. Specifies the FQDN or the IP address of the remediation server that you want to rename.
  • newaddress
    Required. Specifies the new FQDN or IP address of the remediation server that you want to rename.

Example

The following example changes the name of the remediation server Server1.adatum.com in the remote remediation server group Servers1 to Remediation-01.adatum.com.

rename remediationserver remediationservergroup = "Servers1" address = "Server1.adatum.com" newaddress = "Remediation-01.adatum.com"

rename remediationservergroup

Renames the specified remediation server group.

Syntax

rename remediationservergroup [ name = ] name [newname =] new name

Parameters

  • name
    Required. Specifies the name of the remediation server group that you want to rename.
  • newname
    Required. Specifies the new name for the remediation server group.

Example

The following example changes the name of a remediation server group from Servers1 to Servers2.

rename remediationservergroup name = Servers1 newname = Servers2

rename shvtemplate

Renames an existing health policy (also called an SHV template).

Syntax

rename shvtemplate [ name = ] name [ newname = ] new name

Parameters

  • name
    Required. Specifies the existing name of the health policy.
  • newname
    Required. Specifies the new name for the health policy.

Example

The following example changes the name of a health policy from HealthPolicy1 to HealthPolicy2.

rename shvtemplate name = "HealthPolicy1" newname = "HealthPolicy2"

reset remediationserver

Resets a remediation server in the remediation server group that you specify.

Syntax

reset remediationserver [ remediationservergroup = ] remediationservergroup

Parameters

  • remediationservergroup
    Required. Specifies the name of the remediation server group that contains the remediation server that you want to reset.

reset remediationservergroup

Resets a remediation server group.

Syntax

reset remediationservergroup

reset shv

Resets the SHV configuration.

Syntax

reset shv

reset shvtemplate

Resets the health policy configuration.

Syntax

reset shvtemplate

set remediationserver

Modifies the configuration of a remediation server in the specified remediation server group.

Syntax

set remediationserver [ remediationservergroup = ] remediationservergroup [ address = ] address [ [ name = ] name ]

Parameters

  • remediationservergroup
    Required. Specifies the name of the remediation server group to which you want to add servers.
  • address
    Required. Specifies the FQDN or IP address of the remediation server that you want to add.
  • name
    Optional. Specifies the friendly name of the remediation server that you want to add.

set shv

Modifies the system health validator configuration.

Syntax

set shv [ id = ] id [ [ unreachablepolicyserver = ] NONCOMPLIANT | COMPLIANT [ unreachableremediationserver = ] NONCOMPLIANT | COMPLIANT [ shafailure = ] NONCOMPLIANT | COMPLIANT [ napserverfailure = ] NONCOMPLIANT | COMPLIANT [ othererrors = ] NONCOMPLIANT | COMPLIANT ]

Parameters

  • id
    Required. Specifies the ID number of the SHV.
  • unreachablepolicyserver
    Optional. Specifies the error that is returned when the SHV's policy server cannot be contacted. If you specify NONCOMPLIANT, the NAP client is treated as noncompliant. If you specify COMPLIANT, the NAP client is treated as compliant. The default is NONCOMPLIANT.
  • unreachableremediationserver
    Optional. Specifies the error that is returned when the system health agent (SHA) cannot contact the remediation server and cannot successfully update a noncompliant NAP client. If you specify NONCOMPLIANT, the NAP client is treated as noncompliant. If you specify COMPLIANT, the NAP client is treated as compliant. The default is NONCOMPLIANT.
  • shafailure
    Optional. Specifies the error that is returned when the SHA has an internal failure. If you specify NONCOMPLIANT, the NAP client is treated as noncompliant. If you specify COMPLIANT, the NAP client is treated as compliant. The default is NONCOMPLIANT.
  • napserverfailure
    Optional. Specifies the error that is returned when the NAP server produces an internal failure. If you specify NONCOMPLIANT, the NAP client is treated as noncompliant. If you specify COMPLIANT, the NAP client is treated as compliant. The default is NONCOMPLIANT.
  • othererrors
    Optional. Specifies all other errors in the NAP infrastructure. If you specify NONCOMPLIANT, the NAP client is treated as noncompliant. If you specify COMPLIANT, the NAP client is treated as compliant. The default is NONCOMPLIANT.

Example

The following example sets an SHV with the ID of 79744.

set shv id = "79744"

set shvtemplate

Changes the value of one or more properties of an existing health policy. Values specified by this command overwrite the existing values.

Syntax

set shvtemplate [ name = ] name [ [ id = ] id [ config = ] ALLMUSTPASS | ALLMUSTFAIL | ONEMUSTPASS | ONEMUSTFAIL ]

Parameters

  • name
    Required. Specifies the friendly name of the health policy.
  • id
    Optional. Specifies one or more valid SHV IDs separated by a comma. If no ID is specified, all SHVs are selected.
  • config
    Optional. Specifies the amount of SHVs that must pass or fail for the conditions of the network policy to be matched. If ALLMUSTPASS is designated, all SHVs configured in the health policy must pass for the conditions of the network policy to be matched. If ALLMUSTFAIL is designated, all SHVs configured in the health policy must fail for the conditions of the network policy to be matched. If ONEMUSTPASS is designated, one SHV configured in the health policy must pass for the conditions of the network policy to be matched. If ONEMUSTFAIL is designated, one SHV configured in the health policy must fail for the conditions of the network policy to be matched. The default is ALLMUSTPASS.

Remarks

In Windows Server 2008 R2, this Netsh command is modified from the version in Windows Server 2008, and might provide different functionality. For more information, see Netsh Commands for Network Policy Server in Windows Server 2008 R2

show napserverinfo

Displays the Network Access Protection (NAP) configuration of the specified server.

Syntax

show napserverinfo

show remediationserver

Displays the properties of the remediation servers in the specified group.

Syntax

[ remediationservergroup = ] remediationservergroup

Parameters

  • Remediationservergroup
    Required. Specifies the name of the remediation server group in which the server(s) reside.

show remediationservergroup

Displays the remediation server groups and the servers configured within each group.

Syntax

show remediationservergroup

show shv

Displays all of the system health validators (SHVs) that are registered in NPS.

Syntax

show shv

show shvtemplate

Displays all health policies.

Syntax

show shvtemplate

See Also

Concepts

NPS Server Commands
RADIUS Client Commands
Connection Request Policy Commands
Remote RADIUS Server Group Commands
Network Policy Commands
Accounting Commands