[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Direct Access 2012 R2 Get. Started Wiz cannot create GPO

Posted on 2014-01-22
6
Medium Priority
?
791 Views
Last Modified: 2016-05-20
Hello,

I'm having a problem deploying a simple Direct Access installation on a 2012 R2 server, with the Getting Started Wizard. The error reads as follows:

"Configuration settings cannot be retrieved from the DirectAccess server GPO."

This comes after Finalizing configuration settings.
Then it rolls back the configuration.

The funny thing is though, if I copy the PowerShell script, it creates the GPOs just fine. But that may have something to do with the Wizard removing them when rolling back, I take it. When I use the Powershell script, I can't use the Remote Access Management afterwards cause it's missing configuration. It just wants me to re-run the Wizard.

The setup is as follows:

A 2008 Standard server DC with 2008 functional forest level.
A 2012 R2 Standard server
Behind Edge (Single adapter)

I cannot see any problems with DNS or the DC itself. All patches are installed on the 2012 R2 server. I cannot see any problems with prerequisites either. I've tried everything I can think of.

I cannot find a single page that reflects this problem either. There are some that talks about that it cannot receive configuration settings from domain controller (something to do with GPO rights), but none that talks about the DirectAccess server.

Anyone experienced this or knows what the problem may be? If not, how do I properly debug an installation like this? I can't seem to find any verbose logs anywhere.

Hilfe!

Thanks!

Best regards
Daniel
0
Comment
Question by:itssab
  • 3
5 Comments
 
LVL 38

Expert Comment

by:Mahesh
ID: 39802158
You can install GPMC Console on 2012 R2 server, ensure that you are logged on with Domain admins account, then open GPMC from 2012 R2 server and wipe out any existing GPO created by DirectAccess setup, force replication across domain and then try rerunning DirectAccess setup wizard and check

Mahesh
0
 

Author Comment

by:itssab
ID: 39802238
I have done this several times already. This was the error message I first got when everything was fresh, and still the message I get after cleaning out the GPOs etc.

It's so weird that I can't find a single occurance of this exact error message on the web.
0
 

Author Comment

by:itssab
ID: 39802513
This is what it looks like btw. Not very handy as it doesn't tell you more than I've already said, but what the heck...
Everything above this error is green btw.

 
Direct access error
0
 

Accepted Solution

by:
itssab earned 0 total points
ID: 39803029
Ok, I may have solved it myself. I copied the Powershell script again, and ran it. This time (for no apparent reason whatsoever) the Remote Access Management Console popped up with the configuration. Everything also seems to check out, no errors anywhere.

I still wonder why the guide fails while the PS script doesn't. Isn't the script exactly what it runs in the background?
0
 
LVL 1

Assisted Solution

by:Tech Savy
Tech Savy earned 2000 total points
ID: 40771829
that means it had some problem contacting the domain controller and could not get the GP settings. I would recommend making sure name resolution is not having an hiccup intermittently.

Uninstall the remote access role, and re-boot, re-install the role, start a fresh installation this time assuming the GPs have been wiped out from the DC. If you still get an error message restart the remote access management service and look for relevant logs under Remote Access management operational logs, to get more information.

Normally a reboot on the DA server would fix it.
0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
Windows Server 2003 introduced persistent Volume Shadow Copies and made 2003 a must-do upgrade.  Since then, it's been a must-implement feature for all servers doing any kind of file sharing.
In this Micro Tutorial viewers will learn how they can get their files copied out from their unbootable system without need to use recovery services. As an example non-bootable Windows 2012R2 installation is used which has boot problems.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Suggested Courses

834 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question