locked
NPS will not log any events RRS feed

  • Question

  • I have the following set but nothing at all appears on the event log under Network Policy and Access Services.

    1. Set to log both rejected and successful attempts under NPS properties

    2. Checked the log file location under Accounting

    3. Checked the following...

    C:\Windows\system32>auditpol /get /subcategory:"Network Policy Server"
    System audit policy
    Category/Subcategory                      Setting
    Logon/Logoff
    Network Policy Server                   Success and Failure

    I have tried re-enabling it using the following, I have also tried disabling it and re-enabling it

    C:\Windows\system32>auditpol /set /subcategory:"Network Policy Server" /success:enable /failure:enable

    4. I have also tried fully removing the NPS roles and features the re-adding them but still it logs nothing!


    Tuesday, July 23, 2019 10:03 AM

Answers

  • There was an error in the WAP IP address configuration causing no events to be logged.

    Once corrected NPS started logging properly.

    Thanks for your help.

    • Marked as answer by rastarich Thursday, July 25, 2019 2:37 PM
    Thursday, July 25, 2019 1:10 PM

All replies

  • Tried all of that already, several times, including restarting services and rebooting inbetween!

    I am only using text logging and there is nothing at all created in the logfile location, wherever it is set.

    We have 5 other servers with the similar configs without any issues.


    • Edited by rastarich Tuesday, July 23, 2019 4:23 PM
    Tuesday, July 23, 2019 1:28 PM
  • Hi,

    Do you confirm that your NPS is in service to provide authentication. If it works, please refer to the following link: https://social.technet.microsoft.com/Forums/windows/en-US/3afb8626-224d-4632-b46a-6faa4d68db1a/nps-access-and-failed-logs-not-generating?forum=winserverNAP

    Best regards,

    Hollis Huang


    Please remember to mark the replies as answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Wednesday, July 24, 2019 7:51 AM
  • I am not sure if it is working as I cannot see the logs!

    The configuration is set to use NPS on another server on another site if it fails to grant access.

    This means even when the NPS service is working properly on a site we can still see some users from that site being granted access in the logs on another site, if that makes sense!

    How can I find out if NPS is authenticating at least some people when I don't have the local logs?

    I have also already tried adding that GP at the domain level.

    Thanks, Rich 

    Wednesday, July 24, 2019 9:30 AM
  • Hi,

    Have you tried manually enabling it in your local computer policy? Please Run gpedit.msc 

    Path: Computer Configuration  -> Windows Settings -> Security Settings -> Advanced Audit Policy Configuration -> System Audit Policies - Local Group Policy Object-> Logon/Logoff -> Audit Network Policy Server->Properties 

    At last, run command gpupdate/force and restart your computer

    Best regards,

    Hollis


    Please remember to mark the replies as answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Thursday, July 25, 2019 3:26 AM
  • Hi Hollis

    Yes, I have it set both in the local policy and domain group policy, nothing seems to help!

    Thanks

    Rich

    Thursday, July 25, 2019 7:09 AM
  • There was an error in the WAP IP address configuration causing no events to be logged.

    Once corrected NPS started logging properly.

    Thanks for your help.

    • Marked as answer by rastarich Thursday, July 25, 2019 2:37 PM
    Thursday, July 25, 2019 1:10 PM