MZ@ !L!This program cannot be run in DOS mode. $Rؕ3}3}3}H̴3}H̱3}Rich3}PEL!   @.rsrc@@`0H h     0 @ Ph rDMUI[~_ &1 ix MUI en-USNPS Data Source ClassNPS Dictionary ClassPANPS Audit Channel ClassNPS Information Base ClassNPS NT Event Log ClassPA##H**(669988,@-@0@0@$)$0S113578@@ "++1./2 85x= &(F01N@IPPPa`acpve/n22@dThe remote RADIUS server %1 is now available. |Disk full. Deleted older logfile %1 to create free space. The RADIUS request was authenticated and authorized by Network Policy Server. NPS can now access the primary data store (%1) and is logging accounting information in the data store. NPS can now access the secondary data store (%1) and is logging accounting information in the data store. Classic Disk full. Could not find older logfile to delete and create free space. TRemote RADIUS to Windows User Mapping A LDAP connection with domain controller %1 for domain %2 is established. The remote RADIUS server %1 has not responded to %2 consecutive requests. The server has been marked as unavailable. (<undetermined> $<not present> <none> Windows $RADIUS Proxy Unknown ,Domain Controller Server Workstation Compliant $NonCompliant Infected Transition No Data None Other ,Client Component 4Client Communication ,Server Component 4Server Communication (Unauthenticated Extension Full Access Quarantined $On Probation Async Sync ISDN Sync ,ISDN Async V.120 ,ISDN Async V.110 Virtual 0HDLC Clear Channel G.3 Fax Ethernet Cable ,Wireless - Other 8Wireless - IEEE 802.11 |Accounting information was written to the local log file. |Accounting information was written to the SQL data store. Accounting information was written to the SQL data store and the local log file. |Accounting information was not written to any data store. Domain controller %1 for domain %2 is not responsive. NPS switches to other DCs. tNPS cannot log accounting information in the primary data store (%1). Because of this, NPS is now logging accounting information in the secondary data store. Error information: %2. NPS cannot log accounting information in the primary data store (%1). NPS will continue to process connection requests without logging accounting information in this data store. Error information: %2. PNPS cannot log accounting information in the primary data store (%1). Due to this logging failure, NPS will discard all connection requests. Error information: %2. TNPS cannot log accounting information in the secondary data store (%1). Due to this logging failure, NPS will discard all connection requests. Error information: %2. xNPS cannot log accounting information in the secondary data store (%1). NPS will continue to process connection requests without logging accounting information. Error information: %2. There are some SHV configuration conflict in the Health Policies used by Network Policy: (%1). The name, %1, of the RADIUS client, %2, could not be resolved. The data is the error code generated by Windows Sockets. The IP address, %1, of the RADIUS client, %2, is not a valid IP address. An internal error occurred while processing a request. The data is the error code. A RADIUS message was received from the invalid RADIUS client IP address %1. XA RADIUS message was received from RADIUS client %1 with an invalid authenticator. This is typically caused by mismatched shared secrets. Verify the configuration of the shared secret for the RADIUS client in the Network Policy Server snap-in and the configuration of the network access server. A malformed RADIUS message was received from client %1. The data is the RADIUS message. tA RADIUS message with the Code field set to %1, which is not valid, was received on port %2 from RADIUS client %3. Valid values of the RADIUS Code field are documented in RFC 2865. An Access-Request message was received from RADIUS client %1 without a Message-Authenticator attribute when a Message-Authenticator attribute is required. Verify the configuration of the RADIUS client in the Network Policy Server snap-in (the "Client must always send the Message-Authenticator attribute in the request" checkbox) and the configuration of the network access server. An Access-Request message was received from RADIUS client %1 with a Message-Authenticator attribute that is not valid. DAn Access-Request message was received from RADIUS client %1 with an Extensible Authentication Protocol (EAP) message but no Message-Authenticator attribute. An attribute in the response to RADIUS client %1 exceeds the maximum RADIUS attribute length. The data is the RADIUS attribute type. For more information on the RADIUS attribute type, see RFC 2865 and http://www.isi.edu/in-notes/iana/assignments/radius-types. The response to RADIUS client %1 exceeds the maximum RADIUS message length of 4096 bytes. The Network Policy Server (NPS) could not send a response due to a network error. The data is the error code generated by Windows Sockets. <RADIUS_E_ERRORS_OCCURRED (The RADIUS Proxy could not resolve the name of remote RADIUS server %1 in remote RADIUS server group %2 to an IP address. The error code is %3. The address of remote RADIUS server %1 in remote RADIUS server group %2 resolves to local address %3. The address will be ignored. The RADIUS Proxy received a response from the invalid IP address %1:%2 (IP address:port). The RADIUS Proxy received a malformed response from server %1. The data is the RADIUS message. The RADIUS Proxy received a response from server %1 with an invalid authenticator. The RADIUS Proxy received a response from server %1 with an invalid Message-Authenticator attribute. The RADIUS Proxy received a response from server %1 with a missing Message-Authenticator attribute. PThe RADIUS Proxy received a response from server %1 with the Code field set to the invalid value of %2. Valid values of the Code field are documented in RFC 2865. The RADIUS Proxy received an unexpected response from server %1. The data is the RADIUS message. The RADIUS Proxy was unable to forward a RADIUS request to remote RADIUS server %1 because of a network error. The error code is %2. The RADIUS Proxy is unable to receive responses because of a network error. The error code is %2. Disk full. Could not delete older logfile %1 to create free space. This edition of Windows Server cannot support any of the following NPS configurations:%n - More than 50 RADIUS clients%n - More than two RADIUS server groups%n - Client identification by subnet mask%n To set up your server to support any of these configurations, install a Windows Server edition without these limitations.%n Extension host failed to load extension DLL. Path: %1. Error: %2 An internal error occurred. Check the system event log for additional information. There are not sufficient access rights to process the request. The RADIUS Request message that Network Policy Server received from the network access server was malformed. xThe Active Directory global catalog cannot be accessed. The Network Policy Server was unable to connect to a domain controller in the domain where the account is located. Because of this, authentication and authorization for the RADIUS request could not be performed. The NPS server is unavailable because of low hardware resources or because it failed to receive the name of a domain controller, which can be due to a security accounts manager (SAM) database failure on the local computer or an NT directory service (NTDS) failure. TThe specified domain does not exist. `The specified user account does not exist. The request was discarded by a third-party extension DLL file. The request was discarded because an extension dll crashed or malfunctioned. HAuthentication failed due to a user credentials mismatch. Either the user name provided does not map to an existing user account or the password was incorrect. The user could not change his or her password because the new password did not meet the password requirements for this network. pThe specified authentication type is not supported. tThe user could not be authenticated using Challenge Handshake Authentication Protocol (CHAP). A reversibly encrypted password does not exist for this user account. To ensure that reversibly encrypted passwords are enabled, check either the domain password policy or the password settings on the user account. `LAN Manager authentication is not enabled. An NPS extension dynamic link library (DLL) that is installed on the NPS server rejected the connection request. The client could not be authenticated because the Extensible Authentication Protocol (EAP) Type cannot be processed by the server. An error occurred during the Network Policy Server use of the Extensible Authentication Protocol (EAP). Check EAP log files for EAP errors. 8The Access-Request message contains a domain user name. NPS is joined to a workgroup and can process connection requests only for local user accounts. \The user must change his or her password. The user or computer account that is specified in the RADIUS Access-Request message is disabled. The user or computer account that is specified in the RADIUS Access-Request message is expired. The user's authentication attempts have exceeded the maximum allowed number of failed attempts specified by the account lockout threshold setting in Account Lockout Policy in Group Policy. To unlock the account, edit the user account properties. According to Active Directory user account logon hours, the user is not permitted to access the network on this day and time. To change the account logon hours, edit the user account properties in Active Directory. Authentication failed due to a user account restriction or requirement that was not followed. For example, the user account settings might require the use of a password but the user attempted to log on with a blank password. The connection request did not match any configured network policy. The RADIUS request did not match any configured connection request policy (CRP). xRemote Access Account Lockout is enabled, and the user's authentication attempts have exceeded the designated lockout count because the credentials they supplied (user name and password) are not valid. The user account will be removed from the locked out list on successful authentication or on the expiration of the configured lockout time. To manually reset a locked out account, delete the registry subkey that corresponds to the user account name: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Parameters\AccountLockout\domain name:user name (The Network Access Permission setting in the dial-in properties of the user account in Active Directory is set to Deny access to the user. To change the Network Access Permission setting to either Allow access or Control access through NPS Network Policy, obtain the properties of the user account in Active Directory Users and Computers, click the Dial-in tab, and change Network Access Permission. The user attempted to use an authentication method that is not enabled on the matching network policy. $The user attempted to connect through either a phone number or calling station that does not match the Caller ID listed for the user account. The user or computer does not have permission to access the network on this day at this time. To change the day and time when the user is permitted to connect to the network, change the Day and Time Restrictions in the constraints of the matching network policy. The telephone number of the network access server does not match the value of the Called-Station-ID attribute that is configured in the constraints of the matching network policy. NPS denied the Access-Request. The network access method used by the access client to connect to the network does not match the value of the NAS-Port-Type attribute that is configured in the constraints of the matching network policy.  LThe user's password has expired or is about to expire and the user must change it, but the change password option is not enabled for the matching network policy. <The user attempted to authenticate using a certificate with an Extended Key Usage or Issuance Policy that is not allowed by the matching network policy. The authentication or accounting record could not be written to the configured accounting datastore. Ensure that the log file location is accessible, has available space, can be written to, and that the directory or SQL server is available. Authentication failed due to an EAP session timeout; the EAP session with the access client was incomplete. The authentication request was not processed because it contained a Remote Authentication Dial-In User Service (RADIUS) message that was not appropriate for the secure authentication transaction. The remote RADIUS (Remote Authentication Dial-In User Service) server did not process the authentication request. The remote RADIUS (Remote Authentication Dial-In User Service) server group does not exist. The authentication request could not be forwarded to the remote RADIUS (Remote Authentication Dial-In User Service) server because this server is no longer configured from the local server. The RADIUS request could not be forwarded to the RADIUS server because the issued packet was invalid. 4The local NPS proxy server cannot forward the connection request to the remote RADIUS server because network problems caused a Windows socket error. The remote RADIUS (Remote Authentication Dial-In User Service) server did not respond. The local NPS proxy server received a RADIUS message that is malformed from a remote RADIUS server, and the message is unreadable. This issue can also be caused if a connection request contains more than the expected number of user-name attributes, or if the user-name attribute value is not valid, such as if the value has zero length or if it contains characters that are not valid. @The certificate is revoked. No Dll or exported function was found to verify revocation. The revocation function was unable to check revocation for the certificate. The revocation function was unable to check revocation because the revocation server was offline. The message or signature supplied for verification has been altered pNo authority could be contacted for authentication. The supplied message is incomplete. The signature was not verified. The credentials supplied were not complete, and could not be verified. The context could not be initialized. |The clocks on the client and server machines are skewed. The certificate chain was issued by an authority that is not trusted. xThe message received was unexpected or badly formatted. tThe certificate is not valid for the requested usage. TThe received certificate has expired. The client and server cannot communicate, because they do not possess a common algorithm. dSmartcard logon is required and was not used. LA system shutdown is in progress. |The received certificate was mapped to multiple accounts. 8Unknown trust provider. The trust verification action specified is not supported by the specified trust provider. The form specified for the subject is not one supported or known by the specified trust provider. tThe subject is not trusted for the specified action. \No signature was present in the subject. $A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. The validity periods of the certification chain do not nest correctly. A certificate that can only be used as an end-entity is being used as a CA or visa versa. A path length constraint in the certification chain has been violated. A certificate contains an unknown extension that is marked 'critical'. A certificate being used for a purpose other than the ones specified by its CA. A parent of a given certificate in fact did not issue that child certificate. A certificate is missing or has an empty value for an important field, such as a subject or issuer name. A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider. A certificate chain could not be built to a trusted root authority. 8Generic trust failure. pA certificate was explicitly revoked by its issuer. The certification path terminates with the test root which is not trusted with the current policy settings. The revocation process could not continue - the certificate(s) could not be checked. The certificate's CN name does not match the passed value. tThe certificate is not valid for the requested usage. The certificate was explicitly marked as untrusted by the user. A certification chain processed correctly, but one of the CA certificates is not trusted by the policy provider. PThe certificate has invalid policy. The certificate has an invalid name. The name is not included in the permitted list or is explicitly excluded. The client cert name does not matches the user name or the KDC name is incorrect. |The message supplied for verification is out of sequence tNo credentials are available in the security package XReceived Crypto-Binding TLV is invalid. \Expected Crypto-Binding TLV not received. lThe Request is dropped due to congestion control. xThere is no domain controller available for domain %1. 4VS_VERSION_INFO@%@%?StringFileInfo040904B0LCompanyNameMicrosoft CorporationVFileDescriptionNPS Services Componentr)FileVersion6.3.9600.16384 (winblue_rtm.130821-1623)8 InternalNameIASSVCS.DLL.LegalCopyright Microsoft Corporation. All rights reserved.HOriginalFilenameIASSVCS.DLL.MUIj%ProductNameMicrosoft Windows Operating SystemBProductVersion6.3.9600.16384DVarFileInfo$Translation PADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDING