Hey  guys,
I need some help.

I have a custommer that had a Direct Access configured in Windows Server 2008 R2 in the past, but this stop to work.
I then configured the Direct Access in Windows Server 2012 and this is working fine.

But I need know how do I distribute the computer certificate to users that aren't in the office?

I have tried this configuring a VPN in TMG and executing gpupdate /force, but the certificate was not distributed.

Have any way to users get this certificate without going to office?

Thanks Everyone

Valdir Pereira

Valdir,

please, take a look at this link and let us know if it meets to your need:

http://technet.microsoft.com/en-us/library/cc754841(v=ws.10).aspx

Regards

Hi

If your computer already trust your internal CA, your problem might belocalized in TMG. Due to RPC restriction in TMG. Have a look at this article. It deal of the same subject with DirectAccess but it's the same problem http://blogs.technet.com/b/edgeaccessblog/archive/2010/04/22/deep-dive-into-uag-directaccess-certificate-enrollment.aspx.

Have a nice day.

Valdir, looking into BenoitS reply, think its the best way to follow...

BenoitS,
I will try this.

I had read this in other site, but was not confortable to change as the other site had not clarified the option.

I will change and let you know if this works

Thanks everyone

Hi BenoitS,
This worked for me. Thanks
I have tried this but not worked and then I verified in VPN rules and there is an option to configure RPC option and then removed the same option in your link.
This was found when I right-click in the rule.
Thank you and Uilson for the attention

Have a nice day.

Hi

Its the same kind of RPC option than in TMG.