If you want to enable DirectAccess on Windows 10 TP, you’ll need this trick…

In my company we’re used all these years to work with DirectAccess. It’s fascinating to connect automatically to your corporate network, without actually doing anything. DA offered me another advantage: I travel a lot, so very often hotel wireless networks block the common VPN outbound ports. In these cases you cannot use the traditional VPN protocols like PPTP or L2TP. DirectAccess connections are not affected, because they use port 443, which is usually unblocked.

Since we upgraded everything in the company to Windows Server 10 TP (or vNext if you like), we installed everything required for DirectAccess to work, but sadly we discovered that the connection icon for DA does not appear, as you can see in the following picture:


The next thing to check was to see if my laptop (running Windows 10 TP) has the DirectAccess Client Group Policy applied. You can simply check this by running gpresult /H c:\report.html, and check the HTML report that is created. Strangely enough, the GPO was denied….

So the next think to check was the WMI Filter that is created for DA. This WMI filter checks if the computer has the correct operating system version and if the computer is a laptop or a desktop: if is a desktop, the DA GPO shouldn’t be applied (who wants to connect remotely using a big heavy desktop computer?)

But as soon as we checked the WMI Filter, we discovered this:


The WMI Filter is set to apply on the Windows version 6.2. If you check the Windows 10 Technology Preview version, you’ll see that is version 6.4. We can now change the WMI Filter and set the correct OS version:



As soon as you gpupdate /force, you can run the gpresult /H c:\report.html command and see the report produced:


You can clearly see that the GPO is applied correctly, so after a while we finally can see the DA connection icon:


Do not forget guys, it’s still a Technology Preview version, don’t expect everything to be functional.