Auteur de questions
We have deployed direct access in our environment few months ago. everything was fine but from last couple of weeks we are getting calls from users that direct access is not working on their system. In initial troubleshooting we have found common error from users of different region that their device certificate turned into some numeric value
As first authentication is based on device certificate client can not connect with direct access server. We need to connect machines with LAN cable and run gpupdate /force. After that certificate changed to normal and client start connecting with direct access server.
could anyone help me to understand the reason of this abnormal certificate behavior. I have tried to find the log but no success.
Toutes les réponses
what do mean with "their device certificate turned into some numeric value"? With the gpupdate /force you enroll a new certificate from the CA and it seems then everything goes back to normal. Is this all UAG or do you have 2012? Windows 7 clients, or 8 or both?
What is the validity on your certificates and what is the renewal period? Do you use a SSL certificate from your internal CA with UAG? Is the CDP URL published to the Internet and contains an HTTP URL? Is this URL working from the Internet?
Sorry for all the questions. ;-)
Please find the cert. image below where intended purpose and certificate template turned into numeric value expiry date in 2014.
after gpupdate /force it again showing intended purpose and cert. template name.
We are using inter CA server and workstation template for client certicate.
CRL is published on internet and clients are able to access it. We have configured our DA server on 2012 and clients are windows 7 and windows 8.
- Modifié achievers samedi 14 septembre 2013 18:00