You get “Iashlpr initialization failed” error after installing DHCP on Windows 2008R2

After installing DHCP server on windows 2008 R2, you notice that your system event log will be filled with Errors Event ID: 1070 “Iashlpr initialization failed: The DHCP service was unable to access path specified for the audit log. So DHCP server cannot talk to NPS server. It could be that IAS service is not started.”

Event ID: 1070
Source: DHCP-Server

Iashlpr initialization failed: The DHCP service was unable to access path specified for the audit log. So DHCP server cannot talk to NPS server

At first I have ignored this error since it wasn’t affecting my DHCP Server behavior, everything was working fine, and clients were obtaining proper IP addresses and network settings.
Until I had to configure WPAD entry in order to enable TMG Firewall Client to automatically detect the TMG server. TMG clients were failing to automatically detect the TMG Server, I start troubleshooting the issue, I tried everything add/remove the WPAD entry, changing the WPAD value, etc… but all my trials were unsuccessful.

So I decided to go deeper with my inspection and start inspecting my firewall client behavior thus in order to do that I have installed the firewall client Auto detect tool which was very helpful for me. Although this tool was written for ISA 2004 but it works with ISA 2006 and TMG since all the three systems uses the same auto detection concept “DHCP/DNS” except the TMG Firewall client now uses a new way to publish auto detect information in Active Directory, which I am not using in this scenario although is it the most secure method, but it doesn’t provide location based flexibilities whenever you want to publish multiple TMG/ISA Servers in different locations.to use fwctools Open cmd and Type “fwctool TestAutoDetect” after extracting the zip file on your client computer.

After running the FWCTools on 2 of my clients I got the same below results,

As you can see that the tool has failed to query the WPAD entry which I have configured on my DHCP server. It is good to know that but why? Obviously it is something from the server, so in order to inspect the DHCP server behavior I have installed “WIRESHARK “ on my DHCP server which is a good network monitor that I use often.  After inspecting the DHCP packets I have noticed that WPAD packets are being dropped! even though clients are obtaining properly DHCP leases and along with other scope options, such as Default gateway and DNS.

So I have decided to go back and check the DHCP configuration once again, and have a look on the Event ID:1070 already mentioned above.  After a bit of research on the error I found it is a good time to understand the relation between the DHCP and NPS server http://technet.microsoft.com/en-us/library/cc726898(WS.10).aspx . Since this is a new behavior with windows server 2008. To make a story short I have concluded that my DHCP server is looking for the NPS server For NAP integration however I didn’t setup any NPS server on the machine and I am not intending to use it, so I thought I would give it a try and try to disable NAP on my DHCP server for all the scopes. So I went to the IPv4 properties and opened the “Network Access protection” Tab examined everything and  I disabled the NAP for all the scopes.

After disabling NAP  I have restarted the DHCP services, and all the error Events that were occurring has disappeared, and then I went back and run the Fwctools on my clients and got successful results, same as the TMG firewall client Auto Detect worked properly.

you may notice the above snapshot that the DHCP server behavior when Network Policy Server (NPS) is unreachable is set to full however this didn’t keep the DHCP server from dropping WPAD queries. So I think it might be either a bug in DHCP 2008 R2 or this settings works only when you already have NPS Services installed but not reachable, which find doesn’t makes sence.

Hope that this information will be helpful for you

Experienced Consultant Team Lead with a demonstrated history of working in the information technology and services industry. Skilled in Azure, Skype for Business, SQL Server, Iaas, Saas, PaaS, ITIL, Microsoft Solutions, and Servers. Strong information technology professional, technology passionate.

Posted in Operating Systems Tagged with: , , ,
10 comments on “You get “Iashlpr initialization failed” error after installing DHCP on Windows 2008R2
  1. Elchivato says:

    dude you're a freaking genius, thank you.

  2. Nenad Veselinov says:

    Thanks for the workaround ! but a got a warning after disabling saying:
    Log Name:      System
    Source:        Microsoft-Windows-DHCP-Server
    Date:          5/20/2011 12:52:02 PM
    Event ID:      1056
    Task Category: None
    Level:         Warning
    Keywords:      Classic
    User:          N/A
    Computer:      

    Description:The DHCP service has detected that it is running on a DC and has no credentials configured for use with Dynamic DNS registrations initiated by the DHCP service.   This is not a recommended security configuration.  Credentials for Dynamic DNS registrations may be configured using the command line “netsh dhcp server set dnscredentials” or via the DHCP Administrative tool.

    will this have impact on my VPN clients or any other client trying to authenticate on some service ?

    Thanks in advance !

  3. Stephan says:

    You actually soved two problems for me, thanks!!!!!!!!!!!

  4. Jepsar says:

    Magnificent!

  5. Biris says:

    thank you!!

  6. Anonymous says:

    Thank you!!

  7. Konrrado Mansor says:

    Muito Obrigado Charbel Hanna!!! O erro 1070 desapareceu do meu servidor DHCP depois de realizar suas dicas!
    Muito obrigado mesmo!

  8. bojana says:

    WHAT A GREAT HELP! Thank you!

  9. mort1616 . says:

    Cheers buddy. 3 years later and still a helpful article

Leave a Reply

Your email address will not be published. Required fields are marked *

*