Share via

Configure the DirectAccess Server as the Network Location Server

Updated: October 7, 2009

Applies To: Windows Server 2008 R2


This topic describes deployment of DirectAccess in Windows Server 2008 R2. For deployment of DirectAccess in Microsoft Forefront Unified Access Gateway (UAG), see the Forefront UAG DirectAccess Deployment Guide (

If your DirectAccess server is acting as the network location server, you must install the Web Server (IIS) server role with the IP and Domain Restrictions role service.

To complete these procedures, you must be a member of the local Administrators group, or otherwise be delegated permissions to install a server role. Review details about using the appropriate accounts and group memberships at Local and Domain Default Groups (

To install the IIS server role

  1. On the DirectAccess server, click Start, click Run, type servermanager.msc, and then press ENTER.

  2. In the console tree, click Roles. In the details pane, click Add Roles, and then click Next.

  3. On the Select Server Roles page, click Web Server (IIS), and then click Next twice.

  4. On the Select Role Services page, in Role services, under Security, click IP and Domain Restrictions, and then click Next.

  5. Click Install.

  6. Verify that all installations were successful, and then click Close.

If you arrived at this page by clicking a link in a checklist, use your browser’s Back button to return to the checklist.