Don't miss out on new posts! Sign up!

Windows 2012 R2 NPS log files location configuration

After a bit of frustration working on a project recently with a Windows 2012 R2 NPS RADIUS server, I had a bit of a refresher on Windows 2012 R2 NPS log files location configuration, administration and what I have experienced with logging behavior.

windows 2012 R2 NPS log files location configuration

Logging with Network Policy Server is a bit more convoluted than in the old days with plain IAS server.  I guess one of the main reasons is that NPS does so much more than just RADIUS.  However, when you need to find information about successful and failed logins, where do you look and where are things stored?

Let’s take a look at some of the logging configuration within NPS.  If you right click on NPS (Local) click properties, then General tab and make sure Rejected authentication requests and Successful authentication requests are selected.

Under Accounting you can also configure settings related to your log file format, location, and other information.  If you click Configure Accounting it launches a wizard that will allow the configuration of most of the log file properties.



Otherwise, you can simply click the Change Log File Properties link and you will have access to most of the options there as well.


I have found on my RADIUS server, the events are not logged to the System Log like NPS service related messages are logged.  However, in Server Manager >> NAP I see all the events as they relate to the logins and policy application.  Also, the low level logging can be found in c:widowssystem32logfilesIN*.log which you can configure in the wizard and the settings mentioned above.


Some have mentioned having issues seeing anything logged.  If so, check your audit policy as it relates to NPS to make sure events are being audited correctly.

auditpol /get /subcategory:"Network Policy Server"

If enabled, the output should be:

System audit policy

Category/Subcategory                      Setting
Network Policy Server                   Success and Failure

If it shows ‘No auditing’ run the following:

auditpol /set /subcategory:"Network Policy Server" /success:enable /failure:enable

Final Thoughts

Hopefully this Windows 2012 R2 NPS log files location configuration post will help any who are struggling trying to make sense of where things are presented from NPS as to login successes and failures.  If you have any other tricks up your sleeve you would like to share as to NPS and logging, please comment below.

Don't miss out on new posts! Sign up!

Brandon Lee

Brandon Lee is the Senior Writer, Engineer and owner at and has over two decades of experience in Information Technology. Having worked for numerous Fortune 500 companies as well as in various industries, Brandon has extensive experience in various IT segments and is a strong advocate for open source technologies. Brandon holds many industry certifications, loves the outdoors and spending time with family.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.