none
"The system cannot find the file specified" during Remote Access Setup Wizard

    Question

  • Hi all

    Simple as that,

    I configured a new DirectAccess environment on Windows Server 2012 R2 with 2 network adapters behind NAT

    I used the advanced wizard to configure all the DirectAccess settings and everything seems to be fine

    when I pressed "Apply" to finish the wizard and to automatically create the group policy settings I've noticed this error:

    I restarted the server and tried again - still, same result.
    there's nothing on the event viewer that points for an error, or what file exactly is missing (!?)

    isn't there a log file of the DA Wizard to get more details on this error?

    Thanks


    Tamir Levy

    Monday, February 10, 2014 7:02 AM

Answers

  • I'm disappointed no one even bothered to comment on this thread...

    anyhow... I found the solution

    I add the SPN Cifs/[domain FQDN] under my domain controller machine account under ADSI Edit

    hope will help others


    Tamir Levy

    • Marked as answer by Tamirlevy Sunday, March 16, 2014 1:38 PM
    Sunday, March 16, 2014 1:38 PM

All replies

  • Hello? anyone? :/

    Tamir Levy

    Sunday, February 16, 2014 6:50 AM
  • Ok. some updates.

    I did a step-by-step mode and managed to configure the DirectAccess server successfully.

    though it only works with KERBEROS PROXY authentication!

    I still get this error message when I choose I want to use computer certificate and choose my root CA.

    I have only one CA server

    I tried to run procmon during the wizard - nothing over there :(

    also , not in C:\windows\tracing\ramgmtuimon.log. it's empty!

    the only thing I get is from the event viewer. information message. Source: RemoteAccess-MgmtClient, Event ID: 902, Detail: Applying the configuration failed

    as you can see, I get this error one step after the "validating the management servers". so it seems related to the CA validation

    does anyone know what exactly the DirectAccess trying to do in order to validate the CA Server?

    or... something else? that might be related?  

    thanks


    Tamir Levy

    Sunday, February 16, 2014 9:40 AM
  • I'm disappointed no one even bothered to comment on this thread...

    anyhow... I found the solution

    I add the SPN Cifs/[domain FQDN] under my domain controller machine account under ADSI Edit

    hope will help others


    Tamir Levy

    • Marked as answer by Tamirlevy Sunday, March 16, 2014 1:38 PM
    Sunday, March 16, 2014 1:38 PM
  • I'm disappointed no one even bothered to comment on this thread...

    anyhow... I found the solution

    I add the SPN Cifs/[domain FQDN] under my domain controller machine account under ADSI Edit

    hope will help others


    Tamir Levy

    Tamir, 

    I can't thank you enough for this tip, I sure hope this resolves my issue. Do you mind elaborating on which DC you added this SPN too? The FSMO DC? The authenticating DC? The CA DC? All DC's? :)

    Thanks again,

    Brandon

    Wednesday, July 09, 2014 6:23 PM
  • Hi Brandon.

    At first I added the SPN on the DC by the LOGONSERVER attribute of the DirectAccess server without checking the FSMOs of this server and it was enough for the wizard to finish successfully.

    We have only 3 DCs. I advised with MS support about this FSMOs and since they told me there's no risk of having this SPN listed - we just added it to all of our DCs machine account


    Tamir Levy

    Thursday, July 10, 2014 7:52 AM