Solved

Remove DirectAccess?

Posted on 2014-03-28
7
1,722 Views
Last Modified: 2014-06-20
Against my better judgement, I rushed through a test to install RRAS (Direct Access) from 2012 Server R2.  When I got an error after installation, I tried to back out and remove it, only to have to remove DirectAccess separately via the cmdlet.  No problems, right?

Wrong.  It appears that our 2 Win 8 Ent. laptops, once they received the Group Policy update, are trying to connect to it.  And it still shows up in Group Policy.  How can I remove it completely from our AD/Group Policy?  I'm planning on doing the right thing and starting with a test environment first before pushing into production (yes, I should have done that first and normally would but ...) but I'd like to make sure that our AD is "pure" again.

Thanks for any and all help - greatly appreciate it.

Grog
0
Comment
Question by:fcummins
  • 3
  • 3
7 Comments
 
LVL 17

Expert Comment

by:Brad Bouchard
Comment Utility
Try having the users come in and directly connect to your network and run a gpupdate/force.  Then remove any traces of it in GP.  AD doesn't need any maintenance on it to remove/clean things up.
0
 

Author Comment

by:fcummins
Comment Utility
Thanks.  I'm extremely rusty in GP - anything I need to watch out for?
0
 
LVL 17

Expert Comment

by:Brad Bouchard
Comment Utility
Nope, simply right click the GPO and uncheck the "Link Enable" option so it isn't working.  Then update the clients.  Also, if you need to manually remove it here are two great links:

http://virot.eu/manually-remove-direct-access-from-a-client/

http://superuser.com/questions/460495/uninstall-microsoft-directaccess-from-laptop
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 

Accepted Solution

by:
fcummins earned 0 total points
Comment Utility
So the issue was actually only on two machines - both of which were running Windows 8 Enterprise which has the direct access client already installed.  They were due for upgrades so I took the opportunity to go ahead and upgrade them with new machines running Windows 8 Pro.

Brad, I'll check out those links about removing it from GPO once I finish with the current project.  Thanks for the help.
0
 
LVL 17

Expert Comment

by:Brad Bouchard
Comment Utility
Brad, I'll check out those links about removing it from GPO once I finish with the current project.  Thanks for the help.

Sounds good, keep my posted.
0
 

Author Closing Comment

by:fcummins
Comment Utility
Closing question as I resolved it by upgrading the affected computers.
0
 

Expert Comment

by:Eric_Morcambe
Comment Utility
For others looking at this post you may find that GPUpdate won't work.

If the client machines have DA settings but the DA infrastructure has been removed they will think they are offsite.
NRPT will still attempt to route any traffic destined to the internal domain over the DA tunnel which will fail stopping communication with DCs.

Remove the domain name Reg_Multi_SZ from under one of the keys under HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\DnsClient\DnsPolicyConfig

Run gpupdate and then check that registry to see if it's been cleaned up (not sure if settings will be removed as I was replacing them with fresh settings).
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Join & Write a Comment

I don't know if many of you have made the great mistake of using the Cisco Thin Client model with the management software VXC. If you have then you are probably more then familiar with the incredibly clunky interface, the numerous work arounds, and …
I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
In this Micro Tutorial viewers will learn how they can get their files copied out from their unbootable system without need to use recovery services. As an example non-bootable Windows 2012R2 installation is used which has boot problems.
In this Micro Tutorial viewers will learn how to use Boot Corrector from Paragon Rescue Kit Free to identify and fix the boot problems of Windows 7/8/2012R2 etc. As an example is used Windows 2012R2 which lost its active partition flag (often happen…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now