NLS error in Management Console. RRS feed

  • Question

  • I have a cluster of 2 DA 2012 running Windows 2012 and using Microsoft NLB.

    I've added a third DA server which is running windows 2012 R2.

    Everything appears to work correctly except that the management console is reporting an error for NLS certificate binding.

    I've re-issued a couple a new certs and redone the binding and ran "configure server settings" but I can't get the error to go away.

    I've used netsh http show ssl to check the bindings and compare with the two other servers and everything looks valid

    I can access the NLS server properly server from remote clients and the Cert is trusted.

    What can be causing the remote console to throw this error?


    PS: Here's the error seen in the mgmt console

    The certificate binding for the network location server has been modified. Without the correct certificate, connectivity for DirectAccess clients located in the internal network will not work as expected.

    Friday, May 23, 2014 8:46 PM

All replies

  • Hi

    It seems you are a new victim of the Windows Server 2012 R2 Bug found by Richard Hicks : http://directaccess.richardhicks.com/2013/10/21/cannot-apply-remote-access-setup-wizard-settings-in-windows-server-2012-r2/. Richard had a solution for that bug (related to a DNS change) but removed it because a howhix was about to be delivered. Maybe the fix was included in update 1 of Windows Server 2012 R2. Found it : http://support.microsoft.com/kb/2929930/fr

    BenoitS - Simple by Design http://danstoncloud.com/blogs/simplebydesign/default.aspx

    • Edited by BenoitSMVP Saturday, May 24, 2014 9:47 AM update
    Saturday, May 24, 2014 9:43 AM
  • I'll give the hotfix a try but I doubt it is my problem.

    My NLS are deployed on the Directaccess servers and the setup wizard does apply the change successfully with no errors or warnings.

    Anybody knows what tests are performed to decide that there is an issues with the certificate bindings?

    Is there a log somewhere that would give more info or many a debug mode that can be activated?

    Sunday, May 25, 2014 4:09 AM
  • Hi,

    I made this remark because hou mix Windows 2012 and 2012 R2 in a same architecture. For sure it would have worked with a Windows Server 2012.

    BenoitS - Simple by Design http://danstoncloud.com/blogs/simplebydesign/default.aspx

    Monday, May 26, 2014 7:16 AM