We have a Windows 2012 R2 server; we use it for AD domain controller and DNS. Can I remove the Remote Access role and the "DirectAccess and VPN (RAS)" Role Service (in Server Manager) from my machine? I presume that Remote Access has to do with VPN and/or dialup and we don't care about either one on this box. Will that make the "PPP adapter RAS (Dial In) interface" go away?
I noticed earlier that there are 2 "A" records in DNS for this machine. Not only that, but both addresses are on the same network, and both respond to pings. AND I'm able to remote desktop into both addresses. But we only have 1 network interface on the server, and only 1 IP address is assigned as I can see from the network Control Panel.
From the command prompt I can see that this is a "PPP adapter", with a subnet mask of 255.255.255.255. How and where this interface came from I don't know. We do not have PPP and our VPN is on a completely different device, that much I know (it's not even a Windows machine).
Long-time UNIX SysAdmin here. No Windows chops, so be gentle…
Thanks.
Best Answer
Lets break your question down:
Yes, you can safely remove the remote access role from the server without losing the functionality of DNS and AD, that will make the dial in interface go away too.
When you install the RRAS service and configure it with a dial in interface, the interface will actually be a virtual network card and it will reserve an IP address from the range you're using for remote access, this is why you're seeing two IP addresses on the server.
This is the same virtual network card I mentioned earlier, it will be removed once you remove the RRAS role from the server.