Can DirectAccess and Exchange 2013 work on the SAME machine ?

Question
-
After 2 unsuccessful attempts to deploy DirectAccess-Feature on an existing Exchange 2013-Server, let me ask the question if this is possible.
What I already have ...
- Exchange 2013 on a Windows 2012 (NOT R2!)
- 1 NIC
- local domain behind a NAT
- 1 public IP address (IPv4)
- Successfully working VPN access via PPTP and SSTP via the Exchange server
- I do not have L2TP and IPSEC-VPN
I read a lot about DirectAccess, but in fact, nothing about the combination of Exchange and DirectAccess on 1 machine.
The only information was that it is not recommended to have web applications and DirectAccess on one machine, but it works.
Any ideas?
Friday, January 15, 2016 9:41 AM
Answers
-
Hi NicoNi,
Thanks for posting on the TechNet forum.
>>I read a lot about DirectAccess, but in fact, nothing about the combination of Exchange and DirectAccess on 1 machine.
Yes, I searched a lot and didn't find an official article about the combination of Exchange and DA.
>>After 2 unsuccessful attempts to deploy DirectAccess-Feature on an existing Exchange 2013-Server, let me ask the question if this is possible.
For stability and security reasons, I suggest you deploy Direct Access on a separate dedicated server.
Besides, may I know what happened when you deployed Direct Access on this Exchange server?
Any prompt information?
In addition, you could try to deploy this feature by using this PowerShell command: Get-WindowsFeature | Where-Object {$_.Name -like '*DirectAccess*'} | Install-WindowsFeature -WhatIf
This is just a workaround.
Best regards,
Andy_Pan
- Proposed as answer by Hello_2018 Tuesday, February 2, 2016 8:36 AM
- Marked as answer by Leo Han Wednesday, February 3, 2016 12:52 AM
Monday, January 18, 2016 7:03 AM
All replies
-
Thank you for your answer.
I think the main problem is still having only ONE public IP address.
At the moment, I have Exchange with all the HTTPS stuff running and working together with SSTP/VPN.
I think that was the reason for the ambitious next step.
The deployment of DirectAccess as a role/feature itself was not the problem.
The first problem is/was that the wizard did not succeed at all. It always crashed with or after the step "deploying behind NAT" (I don't have the exact message at the moment). All I figured out by googling the problem is that something is wrong with a certificate.
I have seen that the "Install-RemoteAccess" command included a part with "-NlsCertificate" and then lots of binary numbers.
With some handwork, a hand-modified Install-RemoteAccess succeeded, but after a reboot nothing worked anymore.
- the machine booted slowly
- many Exchange services remained in the "starting" phase for hours
- some of the management console snap-ins failed because the domain was not accessible
- Outlook clients were no longer able to reach the Exchange server
The only help was manually removing DirectAccess, deleting the GPOs as well as registry values.
Monday, January 18, 2016 9:13 AM -
Hi NicoNi,
Thanks for your feedback.
Since deploying Direct Access on an existing Exchange Server has so many adverse effects, I would suggest you just deploy a separate server for Direct Access.
Besides, I have tried a lot to deploy the two services on the same server with one IP address in my lab, but did not succeed.
Thanks again for posting here.
Best regards,
Andy_Pan
- Edited by Hello_2018 Tuesday, January 19, 2016 7:40 AM
Tuesday, January 19, 2016 7:38 AM -
Thank you.
In fact, I have no idea how to deal with the problem of having only ONE public IP address.
The DSL router now routes ports such as 443, 80 to the Exchange server.
As I understand, DirectAccess also uses 443 and 80 as key features.
Your suggestion is okay, but how to do this in the real world? The separate DirectAccess server is also not the problem.
Do I need another technique to "route" anything which is not needed for Exchange to the separate server?
Tuesday, January 19, 2016 9:51 AM