[NAP] NPS/NAP Reporting - Introduction

I've spent a lot of time this year working on a MS NAP implementation. I'm nowhere near complete with this project but I would like to share what I've got so far in reference to reporting.

The best article I could find on NAP reporting is a guest post on the Microsoft NAP blog by Alex Chalmers from Ball State University. I'm sure it works fine but it's much more complicated than my environment warrants and since I'm a OpsMgr/ConfigMgr guy, I figured I would try it using ACS instead.

The benefits of ACS is that we don't need to have NAP SQL reporting enabled which eliminates a failure point for authentication and many SQL services depending on how many NPS servers you are running. The built in SQL reporting feature also doesn't include the health validator results while the event log does. Without this we can't determine why a client failed to meet our policy. ACS also takes care of data grooming for us.

ACS sounds pretty easy, all we need to do is enable the ACS forwarder on the NAP server and we're good…

Almost… There are a few road blocks that I've had to overcome. OpsMgr RTM/SP1's EventSchema did not include the events related to NAP. With R2, the events are included in the schema but the last few parameters of the event get truncated which throws out the SHV result.

This is going to be at least a 5 part series. In my next post, I'll outline the server architecture. In Part 3, I'll go over my EventSchema.xml customizations. In part 4, I'll show you how to parse the SHV result in SQL. In Part 5, I'll give you some sample reports. I hope to have these completed in the next 2 weeks. If I slack off, nudge me via the contact form.