Offline Migration of Forefront UAG DirectAccess
Published: February 29, 2012
Updated: February 29, 2012
Applies To: Windows Server 2012
This topic describes how to perform an offline migration of Forefront UAG DirectAccess to DirectAccess in Windows Server® 2012. In an offline migration the Forefront UAG server is shut down before the Windows Server 2012 Remote Access server is activated. This enables use of existing IP addresses, certificates and FQDNs. However, it creates server downtime, requires all clients to migrate to the new server at once, and is difficult to roll back.
The offline migration consists of the following steps:
Step 1: Install the Remote Access role on the Windows Server 2012 computer.
Step 2: Configure server IP addresses.
Step 3: Obtain a server certificate for IP-HTTPS connections.
Step 4: Prepare GPOs in relevant domains for the Remote Access server, DirectAccess clients, and the application server if required. DirectAccess administrators should have the correct permissions (edit settings, delete, modify security) to modify the GPOs.
Step 5: Configure DirectAccess.
For a complete walkthrough, see Offline Migration Steps.
The following graphic illustrates the offline side-by-side migration process.