HOWTO: Start/Stop Network Access Protection Agent service on Windows 7


The Network Access Protection (NAP) agent service collects and manages health information for client computers on a network. Information collected by NAP agent is used to make sure that the client computer has the required software and settings. If a client computer is not compliant with health policy, it can be provided with restricted network access until its configuration is updated. Depending on the configuration of health policy, client computers might be automatically updated so that users quickly regain full network access without having to manually update their computer.
Path to executable:
C:\Windows\System32\svchost.exe -k NetworkService
This article shows how to Start/Stop Network Access Protection Agent service on Windows 7


1. Start/Stop Network Access Protection Agent from Services.msc:

   - Please go to Pearl button (Start) and click on the Search programs and files
-Type services.msc and press Enter
-Locate Network Access Protection Agent observe his current status and open to make changes.
-From General tab you can Start/Stop and change the Startup type of Network Access Protection Agent
-To finish press ok button and close Services window

2. Change Startup type of Network Access Protection Agent from Registry Editor:

   - Please go to Pearl button (Start) and click on the Search programs and files
-Type regedit and press Enter
-Please confirm User Account Control pop-up
-Please navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\napagent and
locate Start registry key
-Double click on Start and edit the value:
Change Startup type :
Automatic - 2
Manual - 3
Disabled - 4
Automatic (Delayed Start) - 2
Note: When you change to Automatic (Delayed Start) a new key DelayedAutostart is created with value 1.
When you change to Automatic from Automatic (Delayed Start), DelayedAutostart change value to 0.

3. Start/Stop and change Startup type of Network Access Protection Agent from Command Prompt:

   - Please go to Pearl button (Start) and click on the Search programs and files
-Type cmd, right click on cmd icon under the Programs and click on Run as administrator
-Please confirm User Account Control pop-up
-Please select, right and copy a registry key from below, then right click on command prompt window
, select Paste and press Enter
To Start Network Access Protection Agent:
net start napagent
Note: You can’t start a service if Startup type is on Disabled.
To Stop Network Access Protection Agent:
net stop napagent
To change Startup type:
Automatic:
REG add "HKLM\SYSTEM\CurrentControlSet\services\napagent" /v Start /t REG_DWORD /d 2 /f
Manual:
REG add "HKLM\SYSTEM\CurrentControlSet\services\napagent" /v Start /t REG_DWORD /d 3 /f
Disabled:
REG add "HKLM\SYSTEM\CurrentControlSet\services\napagent" /v Start /t REG_DWORD /d 4 /f
Automatic (Delayed Start):
REG add "HKLM\SYSTEM\CurrentControlSet\services\napagent" /v Start /t REG_DWORD /d 2 /f
Note: When you change to Automatic (Delayed Start) a new key DelayedAutostart is created with value 1.
REG add "HKLM\SYSTEM\CurrentControlSet\services\napagent" /v DelayedAutostart /t REG_DWORD /d 1 /f
When you change to Automatic from Automatic (Delayed Start), DelayedAutostart change value to 0.
REG add "HKLM\SYSTEM\CurrentControlSet\services\napagent" /v DelayedAutostart /t REG_DWORD /d 0 /f

4. Prevent Network Access Protection Agent service from starting with the operating system using System Configuration (msconfig.exe):

   - Please go to Pearl button (Start) and click on the Search programs and files
-Write msconfig and press Enter
-In System Configuration please go to Services tab and locate Network Access Protection Agent.
Uncheck the box to prevent this service to start and then press OK to finish.
-Any change make in System Configuration will be apply after restart.

Also consider using Action1 to enable or disable network access quarantine if:
- You need to perform this action on multiple (hundreds or even thousands) computers simultaneously.
- Some of your endpoints are laptops not connected to corporate network at all times.

Action1 is a cloud-based platform for software deployment, software/hardware inventory, patch management, endpoint configuration and more. It is free with basic functionality.


Other Relevant HOWTOs: