Direct access

Removing Windows Server 2012 Direct Access Settings when you have messed them up

Removing Windows Server 2012 Direct Access Settings when you have messed them up

I have installed Direct Access a few times in the various incarnations of my test lab.However, when I moved and recreated my lab, I installed a windows 2012 domain and 2012 Direct Access.It took me about 10 minutes to setup (go through the wizard) as I already had dynamic DNS setup from my last lab.

However, on two occasions I have pooched it and it took me ages to sort out.Below are the 2 scenarios and how they were resolved

Enabling access for Windows 7 clients, without specifying a certificate

For some unknown reason I decided to click the enable access for win.. tick box in the configuration, even though I have no windows 7 clients.This stopped me being able to view the config of DA. When I opened the console I got the error

Settings for the server myserver.mydomain.local cannot be retrieved.The cmdlet did not run as expected.

I resolved the error by following the suggestion from Yaniv Naor in the following TechNet forum link, however the solution to scenario 2 would have also got you out of this error.

Configuring Nic teaming on the DA server

I installed dual port server adaptors in my Hyper-v hosts and decided to configure nic teaming on my VMs.Unfortunately I didn’t think to check if my servers were backing up before I made the change and it broke DA (Again).While looking for a solution to the specific problem I found an article on how to remove the DA settings completely. I found the below link which pointed out the obvious way, i.e. just delete the GPOs that are created as all settings are stored in them.pretty obvious 🙁

I’ve also seen a hotfix from Microsoft for DA in 2012, but it only appears to apply to 2012 Essential and is for a specific scenario.The link is below just in case it applies to you