The installation of the Remote Access Quarantine Service creates a several entries in the registry, which enable you to change the items listed below. Note: If you use Registry Editor incorrectly, you might cause serious problems that might require you to reinstall your operating system. Microsoft cannot guarantee that you can solve problems that result from misuse of the Registry Editor. Use Registry Editor at your own risk The full path to configure the registry parameters is: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\rqs The parameters that you can configure are: | • | AllowedSet. The AllowedSet parameter enables you set the version of the script that is accepted by the remote access VPN quarantine server. AllowedSet, REG_MULTI_SZ |
The list of strings the service will accept for the purposes of removing quarantine are: | • | Port (REG_DWORD). The Port parameter specifies the TCP port on which RQS service will listen. 7250 is used if no port is specified. | | • | Authenticator (REG_SZ). Specifies the module to call to remove quarantine; the default is mprapi.dll. If you create a custom DLL to implement the removal of the quarantine filter functionality, it should expose the following function: DWORD MprAdminConnectionRemoveQuarantine(HANDLE hRasServer, HANDLE hRasConnection, BOOL fIsIpAddress) |
| • | Validator (REG_SZ). Specifies the module that verifies that the signature string sent my RQC is acceptable or not. By default, RQS.exe will compare the AllowedSet strings. The custom authenticator dll must expose the following function: BOOL ClientAuthenticate(LPCWSTR lpwsString). lpwsString containing the string to be authenticated. |
| |
