Tuesday, 23 June 2009

Continued from yesterday

Group Policy Management
Right click Group Policy Objects -> New -> New GPO
Name: NAP Client Settings

After GPO created, right click NAP Client Settings -> Edit
Expand Computer Configuration, Policies, Windows Settings, Security Settings -> System Services

Double click Network Access Protection Agent, check Define this policy setting, select Automatic option [ok]

Expand Computer Configuration, Windows Settings, Network Access Protection, NAP Client Configuration -> Enforcement Clients
Right click DHCP Quarantine Enforcement Client, click Enable

Click on NAP Client Configuration, right click NAP Client Configuration, click Apply. (Make sure NAP Client Configuration is Enabled)

Group Policy Management, expand Forest, Domains, click on NAP Client Settings GPO
Security Filtering, click Authenticated Users, click Remove
You will see a Group Policy Management dialog box asking "Do you want to remove this delegation privilege?" Click OK.

Click Add, enter NAP Enforced Computers (Check names) [ok]

Active Directory Users and Computers -> Users
Double click NAP Enforced Computers -> Members tab -> Add
Tried to add LH-P61NQL342ZDZ to NAP Enforced Computers group. Failed to add (refer to image)

Computer was found under Domain Computers but still not found via adding.

Went to the Domain Computers and selected LH-P61NQL342ZDZ and added it to Member of NAP Enforced Computers instead.


Rename LH-P61NQL342ZDZ to VistaBiz (for easier reference)

Restart both server and workstation
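
After the restart, the client-side result of the steps above can be checked from an elevated PowerShell prompt on the workstation. This is an added example, not part of the original notes; it assumes English-language `gpresult` and `netsh nap client` output in the usual `Name = Value` layout, and `Add-Check` and `Get-DhcpEcField` are helper names made up for it.

```powershell
# Added example: checks on the NAP client that the GPO steps above took effect.
$gpoName   = 'NAP Client Settings'      # GPO name used on this page
$groupName = 'NAP Enforced Computers'   # security group used on this page
$results   = @()

function Add-Check($name, $ok, $detail) {
    $script:results += New-Object PSObject -Property @{
        Check = $name; Passed = [bool]$ok; Detail = $detail }
}

# Pulls one field of the DHCP enforcement client block out of netsh output.
# Assumes the field is printed after the client's Name line.
function Get-DhcpEcField($text, $field) {
    $m = [regex]::Match($text,
        "(?s)DHCP Quarantine Enforcement Client.*?$field\s+=\s+(\w+)")
    if ($m.Success) { $m.Groups[1].Value } else { 'not found' }
}

# 1. System Services setting: the agent service should be Automatic and running.
$svc = Get-WmiObject Win32_Service -Filter "Name='napagent'"
Add-Check 'NAP Agent service automatic and running' `
    ($svc.StartMode -eq 'Auto' -and $svc.State -eq 'Running') `
    "StartMode=$($svc.StartMode), State=$($svc.State)"

# 2. Security filtering: the GPO must be in the applied list, not the filtered
#    list, and the computer account must carry the group after the restart.
$gp = gpresult /r /scope computer | Out-String
$applied = [regex]::Match($gp,
    '(?s)Applied Group Policy Objects(.*?)(The following GPOs|The computer is a part)')
$groups = [regex]::Match($gp, '(?s)The computer is a part of the following security groups(.*)')
Add-Check "GPO '$gpoName' applied to this computer" `
    ($applied.Groups[1].Value -match [regex]::Escape($gpoName)) 'gpresult /r /scope computer'
Add-Check "Computer is a member of '$groupName'" `
    ($groups.Groups[1].Value -match [regex]::Escape($groupName)) 'gpresult /r /scope computer'

# 3. Enforcement client: enabled by policy, and initialized at run time.
$admin = Get-DhcpEcField (netsh nap client show grouppolicy | Out-String) 'Admin'
$init  = Get-DhcpEcField (netsh nap client show state | Out-String) 'Initialized'
Add-Check 'DHCP enforcement client enabled by Group Policy' ($admin -eq 'Enabled') "Admin=$admin"
Add-Check 'DHCP enforcement client initialized' ($init -eq 'Yes') "Initialized=$init"

$results | Select-Object Check, Passed, Detail | Format-Table -AutoSize -Wrap
```

A failed row shows which step of the procedure did not reach the client: the service setting, the security filtering, or the enforcement client.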

ipconfig settings


print route settings

Test the auto-remediation feature by turning the VistaBiz firewall off.
Test failed. In the ideal situation, the firewall is automatically turned back on. A discrepancy was also found between the example and the actual test, the difference being that our settings show as Public domain instead of private domain.
