Quantcast
Channel: Forefront Edge Security – DirectAccess, UAG and IAG フォーラム
Viewing all articles
Browse latest Browse all 1485

Direct Access Certificate Expired

$
0
0

My cert expired on my Direct Access server (2012 R2) and now I am kind of screwed. I have lots of remote clients who cannot just plug back in to grab the new cert + settings I applied to DA. 

I tried creating a new ticket using:

djoin /provision /domain domain.net /machine "%pcname%" /policynames "DirectAccess Client Settings" /rootcacerts /reuse /savefile dj_ticket.txt

Then I tried having them process it remotely using:

djoin /requestODJ /loadfile dj_ticket.txt /windowspath %SystemRoot% /localos

Normally this works perfectly to allow me to have remote clients join my domain without direct access however, it doesn't work when the remote clients were already a member of the domain. I somehow need to flush the old settings and apply the new ones.

Any ideas?


Viewing all articles
Browse latest Browse all 1485

Trending Articles



<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>