DirectAccess install error: Error: Configuration settings cannot be retrieved from the DirectAccess server GPO

Question

I am installing DirectAccess on Windows Server 2012 using the wizard however I keep getting the error message:

Error: Configuration settings cannot be retrieved from the DirectAccess server GPO.

I have searched online but there doesn't seem to be much information out there in DirectAccess in general (some mention it's easy to install, others say stay away from it as it's a nightmare) or this error message in particular.

Here is the screenshot:

Here is the complete install log:

Initializing operations before applying configuration
    Preparing to apply configuration changes...
    Backing up GPOs...
Configuring Remote Access settings
    Retrieving server GPO details...
    Clearing existing stale configuration settings. This might take a few minutes...
    Checking the specified adapters...
    Deploying the Remote Access server behind NAT...
    Checking the network location server certificate...
    Checking the specified adapters...
    Checking for a native IPv6 deployment...
    Verifying the IP-HTTPS certificate...
    Generating a self-signed IP-HTTPS certificate on server DC1.example.local...
    Retrieving internal network DNS settings...
    Verifying the GPO to write settings...
    Creating the GPO. Linking the GPO to the domain...
    Checking for a client GPO to write settings...
    Creating the GPO. Linking the GPO to the domain...
    Checking for permissions to apply DirectAccess client policies to the GPO...
    Identifying all domains...
    Identifying infrastructure servers in domain example.local...
    Registering the DNS entry used to check client connectivity...
    Registering the web probe in DNS...
    Clearing existing stale configuration settings...
    Creating DirectAccess client policies...
    Updating client policies...
    Initializing accounting settings...
    Writing settings to the server GPOs...
    Writing settings to the client GPOs...
    Updating local settings...
    Applying GPOs on the Remote Access servers...
Updating Network Connectivity Assistant settings
    Setting DirectAccess client settings in the client GPO...
Finishing operations after applying configuration
    Finalizing configuration changes...
    Error: Configuration settings cannot be retrieved from the DirectAccess server GPO.
    Information: Attempting to roll back the configuration...

Answer 1

Do you receive this error during the initial configuration? Or are you updating an existing configuration?

If you are installing DirectAccess for the first time, this message can come up if you don't have permission to create GPOs in Active Directory. The way to resolve this is to have an AD administrator create the GPOs and delegate full permissions on them to you.

If you are updating an existing configuration, it may be caused by a missing DirectAccess client or server GPO. Make sure the GPO still exists in AD. There are known issues with DirectAccess where the GPOs can be inadvertently deleted (see https://technet.microsoft.com/en-us/library/dn464274.aspx#Anchor_0). If that's the case you'll have to restore the GPOs from backup or remove and reconfigure DirectAccess.