DirectAccess is one of the most interesting feature present on Windows Server since 2010 (build 2008 R2) that allows users to connect their corporate devices without use VPN or similar. For IT Admins, this means reduce the remote connection tools and use a default port like HTTPS.
Because the last version is running on Windows Server 2012 R2 there’s a little problem with Windows 10. In my case, I saw that the configuration was not more present on my client, as showed in figure 1.
Figure 1 – No more DirectAccess
I found the issue into GPO configuration: by default, to avoid deployment to servers, DirectAccess Client Settings are setted with a WMI filter as showed in figure 2.
Figure 2 – WMI Filter
To resolve the issue, is necessary edit the WMI filter with this string:
Select * from Win32_OperatingSystem WHERE (ProductType = 3) OR (Version LIKE ‘6.2%’ AND (OperatingSystemSKU = 4 OR OperatingSystemSKU = 27 OR OperatingSystemSKU = 72 OR OperatingSystemSKU = 84)) OR (Version LIKE ‘6.1%’ AND (OperatingSystemSKU = 4 OR OperatingSystemSKU = 27 OR OperatingSystemSKU = 70 OR OperatingSystemSKU = 1 OR OperatingSystemSKU = 28 OR OperatingSystemSKU = 71)) OR (Version LIKE ‘10%’ AND (OperatingSystemSKU = 4 OR OperatingSystemSKU = 27 OR OperatingSystemSKU = 72 OR OperatingSystemSKU = 84))
This allows also Windows 10 machines to receive the GPO. After a gpupdate, I found again the DirectAccess configuration – figure 3.
Figure 3 – DirectAccess
S