I am looking to better understand at what stage the NAP client initializes during the windows OS startup process. At some point during the winlogon initialization, the NAP client reports system status to the NAP enforcement server. If the NAP client logging in meets the
NPS requirements, it will be allowed to log into the network. Does this occur prior to establishing a secure channel to the domain controller? Since NAP is a window service, I would imagine that the service control manager starts prior to the NAP client. Any insight you could provide would be much appreciated.