Enterprise Applications - eWeek

Enterprise Applications: LABS GALLERY: Windows 7 DirectAccess Connects Remote Clients sans VPN


Windows 7's DirectAccess is a next-generation access technology designed to connect remote clients in the age of the vanishing network perimeter. The following slideshow details installation and setup of DirectAccess during eWEEK Labs' tests. DirectAccess is one of the features Microsoft is pitching as a "better together" benefit of using Windows 7 in tandem with Windows Server 2008 R2.
 
  • LABS GALLERY: Windows 7 DirectAccess Connects Remote Clients sans VPN
    by Andrew Garcia
  • Installing DirectAccess
    From the Server Manager, administrators can easily install the DirectAccess feature (it's not a Role), which also installs the Group Policy Management snap-in.
  • No Tools
    DirectAccess installation must be done from the server itself, directly or via Remote Access. There is no admin pack or tool to install on a Windows desktop.
  • DirectAccess Setup
    The DirectAccess setup wizard walks the administrator through the process, defining eligible client machines, the DirectAccess server, target intranet servers and core intranet directory management elements.
  • DA Clients
    Base authentication is per machine, not per user. PCs are assigned to a security group eligible to use DirectAccess. This step sets up a filter, including machines permitted to receive DirectAccess configuration via Group Policy.
  • Adapters
    The administrator defines which NIC goes to which network.
  • Certificates
    Using my domain's certificate services, I created the certificate that is passed here to the client machines.
  • Location Server
    Administrators must define a location server on the intranet. Clients check this address to determine whether they are local or remote.
  • NRPT
    DirectAccess leverages a new feature in Windows 7 called the Name Resolution Policy Table. This table maps a DNS namespace to a DNS server, allowing remote clients to know when to phone home and when to go to the regular Internet.
  • Apply Policy
    After creating the policy, I could save it and apply it immediately. My first attempt failed due to a DNS suffix problem on the DirectAccess server. I just wish the wizard could have told me that.
  • Group Policy Objects
    Applying the DirectAccess policy creates Group Policy Objects that are applied to the Default Domain Policy, filtered to allowed client machines. Here is a sample policy. As it is an ADMX template, don't ever expect to find DirectAccess ported to Windows XP (although it may be to Vista one day).
  • DNS
    DirectAccess relies on IPv6 for connectivity, so internal application servers and the DNS server must support IPv6.
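
The name-routing decision described in the Location Server and NRPT slides can be modeled in a few lines. This is an added example, not code from eWEEK or Microsoft: the table contents, host names, the 2001:db8:: address and the function names are constructed. The rule semantics it uses (leading-dot suffix rules, an exemption entry with no server, rules ignored once the location server is reachable) are a simplified assumption about how the table behaves.

```python
# Simplified model of an NRPT lookup (added example; all names and addresses are constructed).
INTERFACE_DNS = "interface-dns"  # stands for whatever DNS server the local network assigned

# Constructed table. Leading dot = namespace suffix rule, no dot = single-host rule.
# A rule whose server is None is an exemption: resolve through the interface DNS.
NRPT = {
    ".corp.example.com": "2001:db8::53",  # intranet namespace -> intranet DNS server
    "nls.corp.example.com": None,         # location server stays resolvable the normal way
}

def normalize(name):
    """DNS names are case-insensitive and may carry a trailing root dot."""
    return name.rstrip(".").lower()

def match_rule(name, table):
    """Return the key of the matching rule, or None.
    An exact host rule wins; otherwise the longest matching suffix rule."""
    name = normalize(name)
    if not name.startswith(".") and name in table:
        return name
    # The leading dot in the key forces a label boundary, so a lookalike such as
    # "notcorp.example.com" is not treated as part of the intranet namespace.
    suffixes = [k for k in table if k.startswith(".") and name.endswith(k)]
    return max(suffixes, key=len) if suffixes else None

def pick_dns_server(name, table, on_intranet):
    """Decide where a query is sent.
    on_intranet models the outcome of the location-server check."""
    if on_intranet:
        return INTERFACE_DNS  # client is local: the table's rules are not used
    rule = match_rule(name, table)
    if rule is None or table[rule] is None:
        return INTERFACE_DNS  # regular Internet name, or an exempted host
    return table[rule]        # "phone home" to the intranet DNS server

if __name__ == "__main__":
    for host in ("app.corp.example.com", "nls.corp.example.com",
                 "notcorp.example.com", "www.example.org"):
        print(host, "->", pick_dns_server(host, NRPT, on_intranet=False))
```

The lookalike case is the one to check when auditing a deployed table: a suffix rule written without the label boundary would send queries for unrelated domains to the intranet DNS server.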