Event Id | 6277 |
Source | Microsoft-Windows-Security-Auditing |
Description | Network Policy Server granted access to a user but put it on probation because the host did not meet the defined health policy. User: Security ID: <Security ID> Account Name: <Account Name> Account Domain: <Domain Name> Fully Qualified Account Name:<Fully Qualified Account Name> Client Machine: Security ID: <Security ID> Account Name:<Account Name> Fully Qualified Account Name:<Fully Qualified Account Name> OS-Version: <OS-Version> Called Station Identifier: <Called Station Identifier> Calling Station Identifier: <Calling Station Identifier> NAS: NAS IPv4 Address:<NAS IPv4 Address> NAS IPv6 Address: <NAS IPv6 Address> NAS Identifier: <NAS Identifier> NAS Port-Type: <NAS Port-Type> NAS Port: <NAS Port> RADIUS Client: Client Friendly Name: <Client Friendly Name> Client IP Address: <Client IP Address> Authentication Details: Proxy Policy Name: <Proxy Policy Name> Network Policy Name: <Proxy Policy Name> Authentication Provider: <Authentication Provider> Authentication Server: <Authentication Server> Authentication Type: <Authentication Type> EAP Type: <EAP Type> Account Session Identifier:<Account Session Identifier> Quarantine Information: Result: <Result> Extended-Result: <Extended-Result> Session Identifier: <Session Identifier> Help URL: <Help URL> System Health Validator Result(s): <System Health Validator Result> |
Event Information | Cause : This event is logged when Network Policy server granted access to a user. Resolution : Change the configuration of the NAP client If your health policies or client configurations do not produce the results that you intended, you must change either the NAP client configuration or the health policies. |
Reference Links |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.