This template assesses the overall health of Microsoft DirectAceess server installed on Windows 2012 by using PowerShell scripts.
Prerequisites: RPC and WMI access to the domain controller.
Credentials: Windows Administrator on the domain controller.
Monitored Components
Remote Access Health 1
This monitor returns the current health of a DirectAccess deployment. It returns a status (OK, Disabled, Unknown, Warning, Error) for the following components:
- Server;
- 6to4;
- DNS;
- DNS64;
- Domain Controller;
- IP-HTTPS;
- IPsec;
- Kerberos;
- NAT64;
- Network Adapters.
Remote Access Health 2
This monitor returns the current health of DirectAccess deployment. It returns a status (OK, Disabled, Unknown, Warning, Error) for the following components:
- Network Location Server;
- Network Security;
- Services;
- Management Servers;
- Otp;
- High Availability;
- Isatap;
- Teredo;
- Vpn Addressing;
- Vpn Connectivity.
Configuring Windows Remote Management (WinRM)
- If not already done so, install PowerShell 2.0 and WinRM on the SAM and target servers. Powershell 2.0 can be found here: http://support.microsoft.com/kb/968930.
- On the SAM server, open a command prompt as an Administrator. To do this, perform the following step:
- Go to the Start menu and right-click the cmd.exe and then select Run as Administrator.
- Enter the following in the command prompt:
winrm quickconfig
winrm set winrm/config/client @{TrustedHosts="*"} - On the target server, open a command prompt as an Administrator and enter the following:
winrm quickconfig
winrm set winrm/config/client @{TrustedHosts="IP_ADDRESS"}
where IP address is the IP address of your SAM server.
Portions of this document are based on http://technet.microsoft.com/en-us/library/hh918442.aspx Microsoft, copyright 2013