(Updated July 21, 2010)
Interesting post on the TechNet forums regarding problems with configuration.exe:
“I currently have a working DirectAccess single server UAG deployment (using at trunk as well). It is working fine and i have updated the deployment to Update roll-up 1.
I am due to demo to a client DirectAccess with UAG and they are also interested in using NAP. So I have built and deployed a NAP server, but now every time I try to change any of the settings in UAG for the "DirectAccess Server" component the console hangs (50% CPU) and i have to kill configuration.exe .... I get this no matter what i edit on the last stage of that screen (i.e smart card auth, certificates etc... it literally hangs the second I click anything!).
I have tried running a procmon trace but without much insight, I've also made sure i disabled any Anti-Virus on the server.”
The solution to the problem is to run:
C:\Program Files\Microsoft Forefront Unified Access Gateway\utils\ConfigMgr>configmgrutil -del -
and give it another try.
Be aware that executing this command will delete the entire UAG configuration, including DirectAccess configuration and trunks, and you will need to reconfigure your UAG server manually to its previous configuration. If you have an uncorrupted backup you can restore the configuration from backup.
Apparently, this happens when you select an Intermediate Certificate Authority on the NAP configuration (checkbox) page. You can’t use an Intermediate Certification Authority for IPsec (with UAG, at least at this time).
There is also an issue with NAP enforcement with the RTM version of UAG, so make sure you upgrade to UAG Update 1.
Microsoft ISD iX/SCD iX
UAG Direct Access/Anywhere Access Team
The “Edge Man” blog (DA all the time): http://blogs.technet.com/tomshinder/default.aspx
Follow me on Twitter: https://twitter.com/tshinder