Jump to content
  • entries
    194
  • comments
    292
  • views
    76997

If you want to enable DirectAccess on Windows 10 TP, you’ll need this trick…


spanougakis

3211 views

 Share

In my company we’re used all these years to work with DirectAccess. It’s fascinating to connect automatically to your corporate network, without actually doing anything. DA offered me another advantage: I travel a lot, so very often hotel wireless networks block the common VPN outbound ports. In these cases you cannot use the traditional VPN protocols like PPTP or L2TP. DirectAccess connections are not affected, because they use port 443, which is usually unblocked.

Since we upgraded everything in the company to Windows Server 10 TP (or vNext if you like), we installed everything required for DirectAccess to work, but sadly we discovered that the connection icon for DA does not appear, as you can see in the following picture:

dabefore_thumb.jpg?w=330&h=201

The next thing to check was to see if my laptop (running Windows 10 TP) has the DirectAccess Client Group Policy applied. You can simply check this by running gpresult /H c:report.html, and check the HTML report that is created. Strangely enough, the GPO was denied….

So the next think to check was the WMI Filter that is created for DA. This WMI filter checks if the computer has the correct operating system version and if the computer is a laptop or a desktop: if is a desktop, the DA GPO shouldn’t be applied (who wants to connect remotely using a big heavy desktop computer?)

But as soon as we checked the WMI Filter, we discovered this:

wmibefore_thumb.jpg?w=567&h=424

The WMI Filter is set to apply on the Windows version 6.2. If you check the Windows 10 Technology Preview version, you’ll see that is version 6.4. We can now change the WMI Filter and set the correct OS version:

wmiafter_thumb.jpg?w=567&h=295

 

As soon as you gpupdate /force, you can run the gpresult /H c:report.html command and see the report produced:

report_thumb.jpg?w=557&h=220

You can clearly see that the GPO is applied correctly, so after a while we finally can see the DA connection icon:

daafter_thumb.jpg?w=342&h=281

Do not forget guys, it’s still a Technology Preview version, don’t expect everything to be functional.

1045 b.gif?host=spanougakis.wordpress.com&blog=5779105&post=1045&subd=spanougakis&ref=&feed=1

 

Source

 Share

0 Comments


Recommended Comments

There are no comments to display.

Guest
Add a comment...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...