locked
2008 R2 Server NPS - Unable to edit Security Health Validator Settings RRS feed

  • Question

  • On my 2008 R2 NPS servers I'm no longer able to change any of the Security Health Validator Settings.
    I can click on the settings but the window to edit the settings no longer pops up.
    I've tried to uninstall the role, reboot and then reinstalled the nps it but all without luck.

    These problems occured after problems with ESET Nod32 Anti-Virus update 5418.

    On a fresh 2008 R2 Install I could easily reproduce the problems, install NPS, everything worked, install Nod32 and update, NPS no longer works.   

    As it seems the NAP policy also no longer functions properly, radius clienst get authenticated properly but NAP clients get redirected to the Restricted VLAN. The exact same policy is on use on a 2008 (non R2) server and there it continues to work as expected (with NOD32 installed).

    Monday, September 6, 2010 7:41 AM

Answers

  • No event is being logged on the server on not being able to edit the  Security Health Validator Settings.

    The AV product  is fully certified for 2008 R2, an uninstall of the AV software didn't help. A removal of the NPS role and reinstall of the role on the same server also didn't help.

    Now creating a new VM trying to replicate the scenario.

    Update:

    Just finished building a new 2008 R2 VM system, didn't install the NOD32 AV product.
    Pre-installing the latest Windows updates it worked, after installing the latest updates it stopped working.

    Seems NOD32 isn't causing the prolblem after all.

    Update 2:

    Identified the cause, .Net framework 4.0 caused the issue.
    Removing it and a reboot seemed to have fixed the issue.

     

    Tuesday, September 7, 2010 8:44 AM

All replies

  • Hi ITmab  ,

     

    Thanks for post here.

     

    Is there any related event was recorded in the event log on this server ?

     

    If you can clearly indicate that install the third party antivirus software is the root cause of this issue. So what if uninstall it ? would make this issue away?

    Maybe you should consult with the software vendor to verify if this version you installed is compatible with windows server 2008 R2.

     

    Meanwhile ,please using MMC snap-in from another computer to remotely connect to this server and check if you could modify the system health validator settings.

     

    Administer NPS by Using Tools

    http://technet.microsoft.com/en-us/library/cc732994(WS.10).aspx

     

    Thanks.

     

    Tiger Li

     

    TechNet Subscriber Support in forum

    If you have any feedback on our support, please contact tngfb@microsoft.com  


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
    Tuesday, September 7, 2010 2:33 AM
  • No event is being logged on the server on not being able to edit the  Security Health Validator Settings.

    The AV product  is fully certified for 2008 R2, an uninstall of the AV software didn't help. A removal of the NPS role and reinstall of the role on the same server also didn't help.

    Now creating a new VM trying to replicate the scenario.

    Update:

    Just finished building a new 2008 R2 VM system, didn't install the NOD32 AV product.
    Pre-installing the latest Windows updates it worked, after installing the latest updates it stopped working.

    Seems NOD32 isn't causing the prolblem after all.

    Update 2:

    Identified the cause, .Net framework 4.0 caused the issue.
    Removing it and a reboot seemed to have fixed the issue.

     

    Tuesday, September 7, 2010 8:44 AM
  • Hi ITmab  ,

     

    Thanks for update .

     

    So install .Net framework 4.0 on server is the root cause of this issue.

    Glad you find it , maybe .Net framework 4.0 is not compliable with system yet. I think it will be improved in further update.

     

    Thanks again for your update.

     

    Tiger Li

     

    TechNet Subscriber Support in forum

    If you have any feedback on our support, please contact tngfb@microsoft.com


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
    Wednesday, September 8, 2010 2:21 AM