Hotfix Available for DirectAccess OTP Configuration Issues

If you’ve ever tried configuring DirectAccess to use One-Time Password (OTP) authentication, you’ve no doubt discovered that the native Microsoft Remote Access Management console would return the following error when trying to detect and locate Certificate Authority (CA) servers.

No CA servers can be detected, and OTP cannot be configured. Ensure that
servers added to the list are available on each domain controller in the
corporate network.

Configure DirectAccess with OTP Authentication

The workaround for this issue required dropping to the command line and executing PowerShell commands to complete this configuration as I outlined here.

Thankfully Microsoft has made available a hotfix to address this issue, returning full GUI functionality for configuring DirectAccess and OTP authentication. For additional details about this hotfix and to request the update itself, click here.

Leave a comment


  1. Luke

     /  April 27, 2015

    It works!


  2. hi richard
    i installed the hotfix on my 2nd DA node and after that i discovered that node not working properly without any error it goes in blue ? icon and give error on console as below :
    settings for entry load balancer can not be retrieved the winrm client send a request to an HTTP Server and got a response saying the requested HTTP Url was not available

    once i removed the hotfix server become green again

    what do you think

    • That’s very odd. I’ve installed this hotfix numerous times without issue. I suspect there’s probably some other conflict on your system.


Leave a Reply