locked
NAP and DHCP: behaviour with non Windows devices RRS feed

  • Question

  • Hi,
    I've been browsing the forum for a while and got some clues, but still I'm not sure about a thing: what does happen to non-Windows (*nix, Mac, etc clients) and non computer (printers, network appliances, etc.) devices in a DHCP NAP implementation?
    Let's assume, to make it easier (forgetting for a moment any possible security leak), that I'd want to grant access to my network to any printer, *nix or Mac clients and that they are configured to use DHCP. What does happen? Does NAP recognize that they are non-Windows devices and grants access or not? I read here and there that I can make a policy for NAP non-capable devices, but this would include, for example, new PCs that just have to be joined to the AD domain.
    At the moment I'm just interested in the "default" NAP behaviour in a case like this.
    Thanks in advance for your answers.
    • Edited by Bruno Ranzini Thursday, October 8, 2009 12:47 PM typing errors
    Thursday, October 8, 2009 12:46 PM

Answers

  • *nix, Mac, etc clients and non-computer devices (printers, network appliances, etc.) will all appear as non-NAP capable devices to your DHCP NAP implementation. That is unless they have some sort NAP client implementation installed (they are out there I hear). Such a *nix, Mac, or printer client will appear the same as a Windows client which has the NAP Agent disabled. They match the NPS policies you configure for non-NAP capable clients.

    • Marked as answer by Bruno Ranzini Thursday, October 8, 2009 11:08 PM
    Thursday, October 8, 2009 6:31 PM

All replies

  • *nix, Mac, etc clients and non-computer devices (printers, network appliances, etc.) will all appear as non-NAP capable devices to your DHCP NAP implementation. That is unless they have some sort NAP client implementation installed (they are out there I hear). Such a *nix, Mac, or printer client will appear the same as a Windows client which has the NAP Agent disabled. They match the NPS policies you configure for non-NAP capable clients.

    • Marked as answer by Bruno Ranzini Thursday, October 8, 2009 11:08 PM
    Thursday, October 8, 2009 6:31 PM
  • Thank you very much, exactly the info I needed.
    Thursday, October 8, 2009 11:09 PM