locked
Direct Access high availability RRS feed

  • Question

  • Hello everyone,

    I set up a DA Test-Scenario, which works fine. Now we want to roll out this feature to 1000 Clients. By now the DA-Gateway is a single Server and unfortunately a Windows Server 2012.

    1. How many DA Servers do I Need for so many Clients?

    2. To make the DA Scenario high available, do I have to set up a whole new configuration or can I use the current configuration and add additional servers? What strategy do you recommend?

    Thank for any tips

    Sincerly Butters

    Monday, November 30, 2015 8:59 AM

Answers

  • Hi,

    Switching from a standalone configuration to high-availability configuration will require that Client-side GPO to be updated. So DirectAccess clients will loose connectivity. It's easier to build a new configuration and move DirectAccess clients from standalone deployment to high-availability when they come back to the office.


    BenoitS - Simple by Design http://danstoncloud.com/blogs/simplebydesign/default.aspx

    • Marked as answer by Butters101 Thursday, December 3, 2015 11:52 AM
    Thursday, December 3, 2015 11:45 AM

All replies

  • Hi,

    Here what you are looking for : The DirectAccess capacity planning : https://technet.microsoft.com/en-us/library/jj735301.aspx

    These figures are close from my field experience. remember Smartcard / OTP & NAP will reduce performance.


    BenoitS - Simple by Design http://danstoncloud.com/blogs/simplebydesign/default.aspx

    • Proposed as answer by BenoitSMVP Monday, November 30, 2015 8:12 PM
    Monday, November 30, 2015 8:12 PM
  • Hi,

    thank youo. But what about my current configuration? The DA Server I set up is running fine, but I need a HA-Solution. I assume I have to set up a cluster, right? Can I export my current DA-Configuration and import it in the new cluster or want do you recommend?

    Greetings Butters

    Thursday, December 3, 2015 11:42 AM
  • Hi,

    Switching from a standalone configuration to high-availability configuration will require that Client-side GPO to be updated. So DirectAccess clients will loose connectivity. It's easier to build a new configuration and move DirectAccess clients from standalone deployment to high-availability when they come back to the office.


    BenoitS - Simple by Design http://danstoncloud.com/blogs/simplebydesign/default.aspx

    • Marked as answer by Butters101 Thursday, December 3, 2015 11:52 AM
    Thursday, December 3, 2015 11:45 AM
  • OK. I'll do so. Thank you very much for your advice.

    Greetings Butters

    Thursday, December 3, 2015 11:52 AM