Event ID - 7

Event Id7
SourceHRA
DescriptionThe Health Registration Authority denied the request with the correlation-id %1 at %2 (principal %3) because the request was not authorized (%4). Discarding the request.
Event Information According to Microsoft :

Cause :

This event is logged when Health Registration Authority denied the request with the correlation-id.

Resolution :

Repair domain configuration

This error condition indicates that Internet Information Services (IIS) cannot connect to the global catalog, or that there is a problem with domain configuration on the client computer.

To perform these procedures, you must be a member of the Administrators group, or you must have been delegated the appropriate authority.

Check network connectivity

To check connectivity between IIS and the domain controller designated as a global catalog server:
  1. On the computer where HRA is installed, click Start .
  2. Right-click Command Prompt , and then click Run as Administrator .
  3. In the command window, type nltest /sc_query:domainname , where domainname is the domain to which the server belongs, and then press ENTER.
  4. In the command output, record the value next to Trusted DC Name .
  5. In the command window, type nltest /server:servername /dsgetdc:domainname , where servername is the DNS name of the domain controller displayed in the preceding command, and domainname is the domain to which the server belongs, and then press ENTER.
  6. Confirm that the command completed successfully. If the command fails, check network connectivity to the domain controller.
  7. In the Flags line of output, confirm that GC appears.
  8. If GC does not appear in the list of flags, contact your domain administrator to enable global catalog on this server.
Repair the domain configuration

To review and change the computer name or domain on the client computer:
  1. On the client computer named in the event message text next to principal , click Start , click Control Panel , click System and Maintenance , and then click System .
  2. Under Computer name, domain, and workgroup settings , confirm that the computer name, full computer name, and domain for your deployment are correct.
  3. If any of these values are not correct, use the following steps to change the computer name or domain.

    a.Click Change settings , and then click Change .
    b.Under Computer name , type a name for this client computer.
    c.Under Member of , choose Domain or Workgroup , type the name of the domain or workgroup to which this computer belongs, and then click OK .
    d.If you are prompted for credentials, type the user name and password for an account with permission to join the domain, click OK , and then click OK again.
    e.If you are prompted to restart the computer, click OK , and then click Close .
    f.If you are prompted to restart the computer, click Restart Now .
Verify :


To perform this procedure, you must be a member of the Administrators group, or you must have been delegated the appropriate authority.

HRA uses IIS for validation of domain credentials. To verify that the IIS service on your HRA server has connectivity to the domain controller designated as the gobal catalog server:
  1. On the computer where HRA is installed, click Start .
  2. Right-click Command Prompt , and then click Run as Administrator .
  3. In the command window, type nltest /server:servername /dsgetdc:domainname , where servername is the DNS name of the domain controller you have designated as a global catalog server, and domainname is the domain to which the server belongs, and then press ENTER.
  4. Confirm that the command completed successfully.
  5. In the Flags line of output, confirm that GC appears.
To verify the client domain configuration is correct:
  1. On a NAP client computer, click Start , click Control Pane l, click System and Maintenance , and then click System .
  2. Under Computer name, domain, and workgroup settings , verify that the Computer name, Full computer name , and Domain for your deployment are correct.
To verify the IIS worker process (w3wp.exe) started successfully:
  1. On a NAP client computer that is configured to use the current HRA, open an elevated command prompt.
  2. In the command window, type net stop napagent && net start napagent , and then press ENTER. This command will restart the NAP Agent service and cause the client computer to request a new health certificate.
  3. On the computer where HRA is installed, click Start , click Run , type eventvwr.msc , and then press ENTER.
  4. In the console tree, double-click Windows Logs , and then click System .
  5. In the details pane, review events with a Source of HRA and a current date and time.
  6. Under Event ID , confirm that 1 is displayed in the list.
Reference LinksEvent ID 7 from HRA

Catch threats immediately

We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.

See what we caught

Did this information help you to resolve the problem?

Yes: My problem was resolved.
No: The information was not helpful / Partially helpful.