locked
Client is Non NAP-Capable RRS feed

  • Question

  • Hi,

    I am currently testing Windows Server 2008 TS Gateway with NAP.  We tested Server 2008 R2 RDS Gateway with NAP a while ago and ran into the same problem that we are having this time.  The gateway works fine if no references are made to health policies or NAP capability in the network policy conditions.  If we set a condition such as 'Computer must be NAP capable' or state that a certain health policy must be matched, the client will not connect to the TS Gateway.  This is the same problem that we had with Server 2008 R2 but we thought that it could be a config error so we tried Server 2008 but we are getting the same result- it would seem that the client is reporting itself as non NAP-capable but we don't understand why as there is no reason why it should be.

    I have installed the certificate onto the client computer and ran the tsgqecclientconfig.cmd script from the Microsoft website.  We have tried Windows XP SP3 clients, Windows 7 clients and Windows Vista clients and had the same result on all.

    Any help would be appreciated,

    Thanks,

    Ben

    Monday, April 12, 2010 3:46 PM

Answers

All replies

  • Hi,

    Can you please verify that the TS Gateway certificate is imported to the Trusted Root Certification Authorities container of the local computer certificate store, and not the User certificates store. Your problem is similar to http://social.technet.microsoft.com/Forums/en-US/winserverTS/thread/97a20f3a-d364-4e86-b42c-9e50df1dc900/ - review the last post in that thread.

    Thanks,

    -Greg

    • Marked as answer by ben_jones Tuesday, April 13, 2010 4:50 PM
    Monday, April 12, 2010 11:15 PM
  • Hi Greg,

    Many thanks for your help- it works perfectly now- I had imported the certificate into the user store, not the computer store.

    On another note, do you (or anyone else) know whether it is considered 'ok' to have the RDS Gateway and RDS Session Host roles on the same server?

    Thanks again for your help,

    Ben

    Tuesday, April 13, 2010 4:50 PM