Logo
programming4us
programming4us
programming4us
programming4us
Home
programming4us
XP
programming4us
Windows Vista
programming4us
Windows 7
programming4us
Windows Azure
programming4us
Windows Server
programming4us
Windows Phone
 
Windows Server

Windows Server 2008 R2 : DirectAccess Scenario (part 4) - Configuring DirectAccess Feature

- Windows 10 Product Activation Keys Free 2019
- How to active Windows 8 without product key
- Malwarebytes Premium 3.7.1 Serial Keys (LifeTime) 2019
3/20/2011 10:33:53 PM

Configuring DirectAccess Feature

Next, run the DirectAccess Setup Wizard to configure DA1 and the Group Policy settings for DirectAccess clients.

To run the DirectAccess Setup Wizard, complete the following steps:

1.
On the DirectAccess server DA1, launch Server Manager.

2.
Expand Features, DirectAccess, and select the Setup node. The screen will show the four-step DirectAccess setup, as shown in Figure 5.

Figure 5. DirectAccess Setup screen.

3.
On the Select Features page, select DirectAccess Management Console.

4.
In Step 1 Remote Clients, click Configure.

5.
On the DirectAccess Client Setup page, click the Add button.

6.
In the Select Group dialog box, type DirectAccessClients and click OK. The screen will show the group, as shown in Figure 6.

Figure 6. DirectAccess Client Setup.

7.
Click Finish.

8.
In Step 2 DirectAccess Server, click Configure.

9.
On the Connectivity page, for Interface Connected to the Internet, ensure that the correct interface is selected. For Interface Connected to the Internal Network, ensure that the correct interface is selected. The wizard will attempt to select the best interfaces based on the IP address ranges. In Figure 7, the public address 12.155.166.3 has been assigned to the Internet interface and the private address 192.168.3.211 has been assigned to the internal interface.

Figure 7. DirectAccess Server Connectivity Setup.

Note

The DirectAccess Setup Wizard has an informational note that it detected that the internal network is IPv4-based and will enable IPv6 transition technologies as part of the setup. The DirectAccess server will be configured as the ISATAP server.

10.
Click Next.

11.
On the Certificate Components page, for Select the Root Certificate to Which Remote Client Certificates Must Chain, click Browse. In the list of certificates, click the companyabc-DC1-CA root certificate, and then click OK.

12.
For Select the Certificate That Will Be Used to Secure Remote Client Connectivity over HTTPS, click Browse. In the list of certificates, click the certificate named IP-HTTPS, and then click OK. The results are shown in Figure 8. Click Finish.

Figure 8. DirectAccess Server certificate components.

13.
In Step 3 Infrastructure Servers, click Configure.

14.
On the Location page, click Network Location Server Is Run on a Highly Available Server, type https://nls.companyabc.com, click Validate, and then click Next. You should get a green check mark with a Validation Successful message.

15.
On the DNS and Domain Controller page (shown in Figure 9), note the entry for the name companyabc.com with the IPv6 address 2002:c9b:a602:1:0:5efe:192.168.3.200. This is the 6to4 IPv6 address for the DC1 domain controller. All DirectAccess client requests to the domain companyabc.com will be forwarded to this domain controller. The nls.companyabc.com is also listed with a blank DNS server, which ensures that DirectAccess clients will not forward the requests to this host.

Figure 9. DirectAccess Infrastructure Server Setup for DNS.

Note

The blank DNS for the Network Location Service (NLS) is needed so that DirectAccess clients can use the URL to determine if they are inside the corporate network or on the Internet. When inside the network, the DirectAccess clients will be able to access the site. When remote and connected via DirectAccess, the clients will be unable to reach the site due to the blank DNS entry, although they can reach all other internal resources.

16.
Click Next.

17.
On the Management page, if there were internal management servers, such as Microsoft System Center Configuration Manager 2007 (SCCM) servers that needed to reach the DirectAccess clients, they would be entered in this portion of the setup. Leave this blank and click Finish.

18.
In Step 4 Application Servers, click Configure.

19.
On the DirectAccess Application Server Setup page, leave Require No Additional End-to-End Authentication.

Note

If end-to-end protection were required, Step 4 is where the permitted application servers would be added. This scenario is doing end-to-edge, so no configuration is needed.

20.
Click Finish.

21.
Click Save, and then click Finish to launch the configuration wizard.

22.
In the DirectAccess Review dialog box, click Apply. The configuration will be applied.

23.
In the DirectAccess Policy Configuration message box, click OK. The configuration has now been applied. The configuration is stored in %WinDir%\DirectAccess\ in an XML file named DirectAccessConfig.xml.

There will be two new Group Policy Objects, each named DirectAccess Policy-<GUID>. One has security filtering that applies it only to the DirectAccess server by computer name (DA1$). The other has security filtering that applies it only to the DirectAccess clients in the DirectAccessClients security group. The DirectAccess server (DA1) and the DirectAccess clients (WS3) will need to be rebooted or have gpupdate.exe run to have their group policies applied.

Other -----------------
- Windows Server 2008 R2 : DirectAccess Scenario (part 3) - Certificate Autoenrollment & IP-HTTP Certificate
- Windows Server 2008 R2 : DirectAccess Scenario (part 2) - Using a GPO to Configure Firewall Rules & Custom Certificate Template for IP-HTTPS
- Installing Exchange Server 2010 : Deploying Active Directory from Scratch (part 3)
- Installing Exchange Server 2010 : Deploying Active Directory from Scratch (part 2) - Promoting a Windows Server 2008 Server to a Domain Controller
- Installing Exchange Server 2010 : Deploying Active Directory from Scratch (part 1) - Installing the Windows Server 2008 Operating System
- Planning Your Exchange Server 2010 Installation
- Installing Exchange Server 2010 : Understanding Role Based Access Control
- Windows Server 2008 R2 : Traditional VPN Scenario (part 5) - SSTP Troubleshooting
- Windows Server 2008 R2 : Traditional VPN Scenario (part 4) - Testing the VPN Connection & Controlling Unhealthy VPN Clients
- Windows Server 2008 R2 : Traditional VPN Scenario (part 3) - Setting Up the RRAS Server & Setting Up the VPN Client
 
 
Top 10
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 2) - Wireframes,Legends
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 1) - Swimlanes
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Formatting and sizing lists
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Adding shapes to lists
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Sizing containers
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 3) - The Other Properties of a Control
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 2) - The Data Properties of a Control
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 1) - The Format Properties of a Control
- Microsoft Access 2010 : Form Properties and Why Should You Use Them - Working with the Properties Window
- Microsoft Visio 2013 : Using the Organization Chart Wizard with new data
Popular tags
Microsoft Access Microsoft Excel Microsoft OneNote Microsoft PowerPoint Microsoft Project Microsoft Visio Microsoft Word Active Directory Biztalk Exchange Server Microsoft LynC Server Microsoft Dynamic Sharepoint Sql Server Windows Server 2008 Windows Server 2012 Windows 7 Windows 8 windows Phone 7 windows Phone 8
programming4us programming4us
Celebrity Style, Fashion Trends, Beauty and Makeup Tips.
 
programming4us
Windows Vista
programming4us
Windows 7
programming4us
Windows Azure
programming4us
Windows Server