Mix of Server 2012/Server 2012 R2 Direct Access and Domain Controller systems.
Until recently, we've had a multisite Direct access configuration successfully running with no issues and we've been able to add/remove direct access servers as we've had the need to do. The existing configuration remains working OK but we now need to make some changes to this.
Recently, we've decommissioned a domain controller and this has led to us not being able to edit the configuration for Direct Access. The Remote Access Management window opens fine, but then when you to Direct access and VPN under configuration, it hangs at"loading direct access and vpn information" and then errors out with "DirectAccess server GPO settings cannot be retrieved. Ensure you have edit permissions for the GPO"
we are not running NLB, the group policy is being applied, the DA server and DC can ping and communicate with each other, and I've manually verified that the sysvol is replicating correctly. I've tried logging into other DA servers and the error is the same, all of the DCs are running and are OK (dcdiag'd and confirmed working) - except the one that was decommissioned. There are some references to the decommissioned domain controller in the extra registry settings in the GPOs.
So I guess the questions are, how do I recover from here? and what is the correct procedure for dealing with Direct Access configurations when the DC that it is pointing at is being decommissioned?
Thanks in advance.
Toni.
Until recently, we've had a multisite Direct access configuration successfully running with no issues and we've been able to add/remove direct access servers as we've had the need to do. The existing configuration remains working OK but we now need to make some changes to this.
Recently, we've decommissioned a domain controller and this has led to us not being able to edit the configuration for Direct Access. The Remote Access Management window opens fine, but then when you to Direct access and VPN under configuration, it hangs at"loading direct access and vpn information" and then errors out with "DirectAccess server GPO settings cannot be retrieved. Ensure you have edit permissions for the GPO"
we are not running NLB, the group policy is being applied, the DA server and DC can ping and communicate with each other, and I've manually verified that the sysvol is replicating correctly. I've tried logging into other DA servers and the error is the same, all of the DCs are running and are OK (dcdiag'd and confirmed working) - except the one that was decommissioned. There are some references to the decommissioned domain controller in the extra registry settings in the GPOs.
So I guess the questions are, how do I recover from here? and what is the correct procedure for dealing with Direct Access configurations when the DC that it is pointing at is being decommissioned?
Thanks in advance.
Toni.