When a DirectAccess client computer builds its IPsec tunnels back to the corporate network, it has the ability to require a certificate as part of that authentication process. In earlier versions of DirectAccess, the one in Server 2008 R2 and the one provided by Unified Access Gateway (UAG), these certificates were required in order to make DirectAccess work. Setting up the certificates really isn't a big deal at all; as long as there is a CA server in your network you are already prepared to issue the certs needed at no cost. Unfortunately, though, there must have been enough complaints back to Microsoft in order for them to make these certificates "recommended" instead of "required" and they created a new mechanism in Windows 8 and Server 2012 called KerberosProxy that can be used to authenticate the tunnels instead. This allows the DirectAccess tunnels to build without the computer certificate, making that...
Windows Server 2012 R2 Administrator Cookbook
By :
Windows Server 2012 R2 Administrator Cookbook
By:
Overview of this book
Table of Contents (17 chapters)
Windows Server 2012 R2 Administrator Cookbook
Credits
About the Author
About the Reviewers
www.PacktPub.com
Preface
Free Chapter
Learning the Interface
Core Infrastructure Tasks
Security and Networking
Working with Certificates
Internet Information Services
Remote Access
Remote Desktop Services
Monitoring and Backup
Group Policy
File Services and Data Control
Index
Customer Reviews