Direct Access Installation

  • Question

  • Hi,

    I want to install Direct Access on Server 2012 R2. The Direct Access server uses its own self-signed certificate issued from the DA server, but I want to use a certificate from the certificate server, i.e. ADCS, and I also want to enable DA for Windows 7. I also want to deploy another server as the backup DA server. Please provide the steps to do this.

    Thanks,

    Roshan

    Monday, November 30, 2015 4:30 AM

All replies

  • Hi,

    From my understanding, your DirectAccess gateway does not have a proper certificate delivered by your internal CA. That will be your first step. Once done, don't forget to enroll each of your DirectAccess clients (auto-enroll feature of ADCS) before enabling the certificate mode in the RAM console.

    For backup purposes, DirectAccess provides high availability capabilities using NLB/HLB, but the easiest method is to reinstall the server with the same parameters.


    BenoitS - Simple by Design http://danstoncloud.com/blogs/simplebydesign/default.aspx

    • Proposed as answer by BenoitSMVP Monday, November 30, 2015 8:16 PM
    Monday, November 30, 2015 8:16 PM
  • Hi,

    I am getting these errors while using my self-signed certificate from the certificate server.

    Tuesday, December 1, 2015 12:11 PM
  • Hi,

    Is your public name identical to da.rk.example.com?
    Click on Back and check your entry.

    Gerald

    Tuesday, December 1, 2015 12:35 PM
  • Hi,

    Did you replace the self-signed IPHTTPS server certificate with a certificate delivered by a public CA?


    BenoitS - Simple by Design http://danstoncloud.com/blogs/simplebydesign/default.aspx

    Tuesday, December 1, 2015 6:40 PM
  • Hello,

    I made the entries for the certificates in DNS manually and configured the DirectAccess server. All the operations passed and the DirectAccess server was configured successfully. But after generating the provisioning text file for offline domain join and joining the DA client machine, the domain user is unable to log on to the client machine. Also, there is no entry in DNS for the client machine that was domain joined. How can I resolve this issue?


    Monday, December 21, 2015 10:59 AM
  • ODJ will only provision DirectAccess certificates and policies for Windows 8.x and later clients. ODJ with Windows 7 clients is limited to joining the domain only. ODJ cannot provision Windows 7 clients for DirectAccess.


    BenoitS - Simple by Design http://danstoncloud.com/blogs/simplebydesign/default.aspx

    • Proposed as answer by BenoitSMVP Monday, December 21, 2015 2:03 PM
    Monday, December 21, 2015 2:03 PM
  • Hello BenoitS,

    I am trying with Windows 8 and later machines, but even then the entry is not made on the DNS server and I am getting the error "There are currently no logon servers available to service the logon request".

    Tuesday, December 22, 2015 3:38 AM
  • Hi,

    Are you sure your DirectAccess client has applied the new GPO and has the certificate in the computer certificate store?


    BenoitS - Simple by Design http://danstoncloud.com/blogs/simplebydesign/default.aspx

    Tuesday, December 22, 2015 9:50 AM
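
One way to run the check asked about in the last reply, as an added example that is not part of the original thread: the script below looks for a CA-issued computer certificate and for the settings the DirectAccess client GPO delivers. It assumes an elevated PowerShell session on a Windows 8 or later client, and it assumes that a Subject equal to the Issuer means the certificate is self-signed.

```powershell
# Added example (not from the thread). Run elevated on a Windows 8+ DirectAccess client.
$clientAuthOid = '1.3.6.1.5.5.7.3.2'   # Client Authentication EKU
$now = Get-Date

# 1. Computer certificates usable for machine authentication:
#    private key present, inside validity period, not self-signed (assumption:
#    Subject equal to Issuer means self-signed), Client Authentication EKU listed.
$certs = Get-ChildItem Cert:\LocalMachine\My | Where-Object {
    $_.HasPrivateKey -and
    $_.NotBefore -le $now -and $_.NotAfter -gt $now -and
    $_.Subject -ne $_.Issuer -and
    ($_.EnhancedKeyUsageList.ObjectId -contains $clientAuthOid)
}

if (-not $certs) {
    Write-Warning 'No valid CA-issued computer certificate with Client Authentication EKU in LocalMachine\My.'
} else {
    # Verify() builds the chain, so an untrusted issuing CA shows up as False.
    $certs | Select-Object Subject, Issuer, NotAfter,
        @{ Name = 'ChainTrusted'; Expression = { $_.Verify() } } | Format-List
}

# 2. NRPT rules are delivered by the DirectAccess client GPO; none means the GPO
#    has not been applied to this computer yet.
$nrpt = Get-DnsClientNrptPolicy
if (-not $nrpt) {
    Write-Warning 'No NRPT rules present: the DirectAccess client GPO does not appear to be applied.'
} else {
    $nrpt | Select-Object Namespace, DirectAccessDnsServers | Format-Table -AutoSize
}

# 3. Connection state as reported by the DirectAccess client components.
try {
    Get-DAConnectionStatus -ErrorAction Stop | Format-List Status, Substatus
} catch {
    Write-Warning "Get-DAConnectionStatus failed: $($_.Exception.Message)"
}
```

A certificate with no EKU extension at all is skipped by step 1 even though Windows treats it as valid for every purpose, so an empty result is a reason to inspect the store by hand.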