locked
Two parallel DirectAccess offerings - UAG/Server 2012 RRS feed

  • Question

  • Hi Guys

    is anything speaking against a parallel installation of two direct access offerings? IMHO not....but maybe i missed something....

    One already exists (UAG), the second one shall be deployed with Windows Server 2012. Both installation shall run parallel for a period of time.

    BR,

    Roman

    Wednesday, January 16, 2013 2:37 PM

Answers

  • So if ISATAP is disabled you can go. Just avoid to have a DirectAccess client having Client-side GPO from both DirectAccess infrastructure.

    BenoitS - Simple by Design http://danstoncloud.com/blogs/simplebydesign/default.aspx

    • Marked as answer by Foxilein Wednesday, January 16, 2013 9:35 PM
    Wednesday, January 16, 2013 9:22 PM

All replies

  • Hi

    Are uou considering a side-by side migration? If yes have a look at this scenario http://technet.microsoft.com/en-us/library/hh831623.aspx. The goal is to perform a migration "almost" invisible from user point of view.

    Best regards


    BenoitS - Simple by Design http://danstoncloud.com/blogs/simplebydesign/default.aspx

    Wednesday, January 16, 2013 4:07 PM
  • hi,

    no, I want a second DA Server to test the new functionality before I migrate all users.

    BR

    Wednesday, January 16, 2013 6:48 PM
  • OK

    The easiest method would be to have a new Windows Server 2012 Server With a single network card. You just need to publish HTTPS protocol to Internet. But watch out, having multiple DA server means multiple ISATAP routers. I hope ISATAP is not enabled on your LAN.


    BenoitS - Simple by Design http://danstoncloud.com/blogs/simplebydesign/default.aspx

    Wednesday, January 16, 2013 7:54 PM
  • isatap is disabled.

    I plan to deploy the second server also as an edge device.

    Wednesday, January 16, 2013 9:20 PM
  • So if ISATAP is disabled you can go. Just avoid to have a DirectAccess client having Client-side GPO from both DirectAccess infrastructure.

    BenoitS - Simple by Design http://danstoncloud.com/blogs/simplebydesign/default.aspx

    • Marked as answer by Foxilein Wednesday, January 16, 2013 9:35 PM
    Wednesday, January 16, 2013 9:22 PM
  • thank you very much.

    just one last thing, you have already mentioned the side-by-side migration. have you already done one? I what means "almost invisible"?

    the thing is, when I do my second deployment, I would wait for all clients to "know" the new gpo. one reboot should be enough after changing the groups to get a connection to the new DA server, correct?

    Wednesday, January 16, 2013 9:43 PM
  • If you love DirectAccess with Windows Server 2012 (and you will love it), that will be your next move. How to move from UAG to URA you have two scenarios :

    -Side-by-side migration described here : http://technet.microsoft.com/en-us/library/hh831623.aspx

    -Offline Migration described here : http://technet.microsoft.com/en-us/library/hh831481.aspx

    Technically speaking, Offline migration is easier than Side by side migration but it means service interruption.


    BenoitS - Simple by Design http://danstoncloud.com/blogs/simplebydesign/default.aspx

    Wednesday, January 16, 2013 9:48 PM
  • Hm.....in the side-by-side Migration, the Clients would be in both Security groups, Old and New, correct? How should the Client know, which configuration is correct? Its possible that i havent read everything, or Missed that, already a bit late in Germany :-)
    Wednesday, January 16, 2013 10:10 PM