locked
DirectAccess server with NAP integration RRS feed

  • Question

  • Hi,

    I am using existing CA for issuing system health certificate. But my server request failed using below information

    The request contains no certificate information; denied policy module 0x80094801, the request does not contain no information of certificate template extension or certificate template request attribute.

    Am I missing any configuration in NPS server.

    Is that mandatory to have dedicated server for NAP.

    Thanks in advance

    Sridhar


    Sridhar

    Thursday, April 10, 2014 1:20 PM

Answers

  • Hi,

    We can use existing CA for NAP implementation. In NAP server health registration authority , edit the properties of certificate authority as Enterprise CA and choose system health template. Above issue is resolved and client got certificate successfully.

    Regards,

    Sridhar


    Sridhar

    Monday, April 14, 2014 8:24 AM

All replies

  • Hi,

    Since Windows Server 2012 Microsoft does not recommand to have NPS+SHV co-located with the URA role. Unfortunatelly, Microsoft changed it's position for NAP : http://technet.microsoft.com/en-us/library/dn464273.aspx

    NAP was deprecated in Windows Server 2012 R2. This means that NAP may not be supported in future versions of Windows. New deployments with NAP are not recommended.

    From my experience, it works with a separate NPS like a charm.


    BenoitS - Simple by Design http://danstoncloud.com/blogs/simplebydesign/default.aspx

    Thursday, April 10, 2014 5:18 PM
  • Hi,

    We can use existing CA for NAP implementation. In NAP server health registration authority , edit the properties of certificate authority as Enterprise CA and choose system health template. Above issue is resolved and client got certificate successfully.

    Regards,

    Sridhar


    Sridhar

    Monday, April 14, 2014 8:24 AM