DHCP Network Access Protection Integration
The Windows Server 2012 DHCP server service can interact with the Network Access Protection (NAP) service. NAP consists of administrator-defined policies that include specific criteria to be met before a system is allowed to communicate on the network. In simpler terms, with NAP policies enabled and enforced, an organization can ensure, as one example, that a connected system has antivirus software and security updates and is a member of the corporate forest of domains. When tied in with DHCP, you can use NAP to allow a system to get just enough network connectivity to access the NAP policy server to check prerequisites before getting connected to the corporate network.
To enable DHCP NAP integration on a single scope, follow these steps:
1. Open the DHCP console and connect to the desired DHCP server.
2. Expand the DHCP server to reveal the IPv4 node and expand to reveal the DHCP scopes configured on that server.
3. Right-click the desired scope and select Properties.
4. Display the Network Access Protection tab, and under the Network Access Protection Settings section, select the Enable for This Scope radio button.
5. Select to use the default NAP profile or specify a custom profile and click OK to save the settings to the scope.
To enable DHCP NAP integration for all scopes on a DHCP server, follow these steps:
1. Open the DHCP console and connect to the desired DHCP server.
2. Expand the DHCP server, right-click the IPv4 node, and select Properties.
3. When the IPv4 Properties window opens, display the Network Access Protection tab and click the Enable on All Scopes button.
4. A pop-up window opens stating that all NAP settings on all scopes will be overwritten. Click Yes to confirm.
5. Back in the IPv4 Properties window, select the DHCP server behavior when a Network Policy Server (NPS) server is not available, as shown in Figure 1, and then click OK to save the settings.
Figure 1. Configuring NAP settings on the DHCP server.
This completes the DHCP NAP configuration steps.
Access DHCP Activity and Event Logs
Windows Server 2012 includes detailed activity and event logging for the DHCP server service. Historically, reporting or monitoring DHCP usage was quite a challenge, if not impossible. Now DHCP administrators can easily access this data using the built-in logging mechanisms. The DHCP activity log can be read in a text-based editor and is stored in the C:\Windows\System32\DHCP folder. A log is created for each day of the week and named, for example, DHCPSrvLog-Wed.log (for Wednesday). Logs are overwritten each week. The activity log includes startup and shutdown service processing and lease activity.
DHCP event logging has also been increased and can be accessed in the Event Viewer. The DHCP event logs include Admin, Operational, and FilterNotifications. These logs are located in the Applications and Services/Microsoft/Windows/DHCP-Server node.
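The following PowerShell is an added example, not part of the original text: it parses a DHCP activity log, counts lease activity by type, and lists the clients that NAP quarantined, dropped, or placed on probation. The column names and QResult codes are assumptions taken from the legend the DHCP server writes at the top of each log file, so check them against your own log; the sample lines are constructed.

```powershell
# QResult codes as given in the log file's own legend (assumed; verify in your log).
$QResultName = @{ '0' = 'NoQuarantine'; '1' = 'Quarantine'; '2' = 'DropPacket'
                  '3' = 'Probation';    '6' = 'NoQuarantineInformation' }

function Get-DhcpActivityRecord {
    param([Parameter(Mandatory)][string[]]$Line)
    # Own column names: the header in the file contains spaces, and any
    # columns after QResult are ignored by ConvertFrom-Csv.
    $columns = 'ID','Date','Time','Description','IPAddress','HostName',
               'MACAddress','UserName','TransactionID','QResult'
    # The file opens with a free-text legend; records start after the CSV header.
    $header = -1
    for ($i = 0; $i -lt $Line.Count; $i++) {
        if ($Line[$i] -like 'ID,Date,Time,*') { $header = $i; break }
    }
    if ($header -lt 0) { throw 'No "ID,Date,Time,..." header found in the input.' }
    $Line | Select-Object -Skip ($header + 1) |
        Where-Object { $_ -match '^\d+,' } |       # drop blank or non-record lines
        ConvertFrom-Csv -Header $columns |
        ForEach-Object {
            $q = "$($_.QResult)".Trim()            # empty string if the field is missing
            $name = if ($QResultName.ContainsKey($q)) { $QResultName[$q] } else { "Unknown($q)" }
            $_ | Add-Member -NotePropertyName Nap -NotePropertyValue $name -PassThru
        }
}

# Constructed sample in the shape of DHCPSrvLog-Wed.log (abbreviated legend, test addresses).
$sample = @'
		Microsoft DHCP Service Activity Log
QResult: 0: NoQuarantine, 1:Quarantine, 2:Drop Packet, 3:Probation,6:No Quarantine Information
ID,Date,Time,Description,IP Address,Host Name,MAC Address,User Name, TransactionID, QResult
00,03/06/13,00:00:05,Started,,,,,0,6
10,03/06/13,08:14:22,Assign,192.0.2.51,PC01.example.test,0A0000000001,,101,0
10,03/06/13,08:20:10,Assign,192.0.2.52,PC02.example.test,0A0000000002,,102,1
11,03/06/13,09:02:47,Renew,192.0.2.53,PC03.example.test,0A0000000003,,103,3
'@ -split '\r?\n'

# On a DHCP server, read the real file instead:
#   $sample = Get-Content C:\Windows\System32\DHCP\DHCPSrvLog-Wed.log
$records = Get-DhcpActivityRecord -Line $sample

# Lease activity by type, then the clients NAP did not give full access.
$records | Group-Object Description | Select-Object Name, Count
$records | Where-Object { 'Quarantine','DropPacket','Probation' -contains $_.Nap } |
    Select-Object Date, Time, IPAddress, HostName, MACAddress, Nap
```

Because the logs are overwritten each week, copy or forward them elsewhere if you need more than seven days of lease history.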