This template assesses the overall health of Microsoft DirectAceess server installed on Windows 2012 by using PowerShell scripts.

Prerequisites: RPC and WMI access to the domain controller.

Credentials: Windows Administrator on the domain controller.

Monitored Components

Remote Access Health 1

This monitor returns the current health of a DirectAccess deployment. It returns a status (OK, Disabled, Unknown, Warning, Error) for the following components:
- Server;
- 6to4;
- DNS;
- DNS64;
- Domain Controller;
- IP-HTTPS;
- IPsec;
- Kerberos;
- NAT64;
- Network Adapters.

Remote Access Health 2

This monitor returns the current health of DirectAccess deployment. It returns a status (OK, Disabled, Unknown, Warning, Error) for the following components:
- Network Location Server;
- Network Security;
- Services;
- Management Servers;
- Otp;
- High Availability;
- Isatap;
- Teredo;
- Vpn Addressing;
- Vpn Connectivity.

Configuring Windows Remote Management (WinRM)

1. If not already done so, install PowerShell 2.0 and WinRM on the SAM and target servers. Powershell 2.0 can be found here: http://support.microsoft.com/kb/968930.
2. On the SAM server, open a command prompt as an Administrator. To do this, perform the following step:

• Go to the Start menu and right-click the cmd.exe and then select Run as Administrator.

1. Enter the following in the command prompt:
          winrm quickconfig
   winrm set winrm/config/client @{TrustedHosts="*"}
2. On the target server, open a command prompt as an Administrator and enter the following:
          winrm quickconfig
   winrm set winrm/config/client @{TrustedHosts="IP_ADDRESS"}

where IP address is the IP address of your SAM server.

Portions of this document are based on http://technet.microsoft.com/en-us/library/hh918442.aspx Microsoft, copyright 2013