Over the past few weeks I did a 2003/2008sbs to server 2012 R2 server migration and had an issue with the VPN role not installing through Server Manager giving a “restart required before installation can proceed” error even after a fresh restart and all updates installed.
You reboot till your hearts content but the error will keep appearing. This seems related to migrating away from an older domain as we have not had the issue on a fresh 2012 installation.
To resolve the issue you need to go to Group Policy Management and edit the ‘Default Domain Policy’ with the following details:
Computer Management -> Windows Settings -> Security Settings -> Local Policy
Edit the ‘User Rights Assignment’ policy
First enable the policy if it is not checked and add the following accounts:
IIS_WPG, NETWORK, NETWORK SERVICE, SERVICE
Save and close group policy, open command prompt (CMD) with administrator privileges and run the command which will force update group policy: gpupdate /force
Reboot the server and try to install the roles again from Server Manager and hopefully it will resolve your issue as it has done for us multiple times.