I've tried to setup a PoC DirectAccess in a Windows Server 2016 following the step-by-step tutorial in the APress book (Richard M. Hicks' Implementing DirectAccess) and can't seem to get the NLS server to work. Even after deleting all certificates to allow it to generate a self-signed cert, NLS always fails with "certificate binding URL availability"; the same problem occurs with a certificate generated with the windows server AD/CS...
Can anyone give any tips, advice, hint as to what may be causing this; like what is causing the certificate binding to change? is there any way to check/ensure the binding aside from the Remote Access Management Console?
Are you trying to configure the NLS on the DirectAccess server itself? If so, choosing a self-signed certificate typically just works. Not sure what would be causing that to fail to be honest.
Best practice is to use an external NLS that's not hosted on the DirectAccess server. If you can't get the self-signed certificate to work you might consider setting up a separate NLS just to get things moving.