<div>
not sure what you mean by &quot;always be authenticated against the domain controller&quot; - do you mean everytime they log onto the device or as soon as they connect to the Direct Access service?<br />
<br />
For laptops we usually allow for cached logons so that users can log on to the workstation and complete any connection to a internet connection which would then allow for Direct Access to begin connecting i.e. Starbucks wifi etc.<br />
<br />
Once DA can pass the connectivity requests the tunnel will be initiated and the users will also be authenticated<br />
<br />
It would work if you don't have cached logons enabled but only if the local network they are connecting doesn't require interaction to complete
</div>


not sure what you mean by "always be authenticated against the domain controller" - do you mean everytime they log onto the device or as soon as they connect to the Direct Access service?

For laptops we usually allow for cached logons so that users can log on to the workstation and complete any connection to a internet connection which would then allow for Direct Access to begin connecting i.e. Starbucks wifi etc.

Once DA can pass the connectivity requests the tunnel will be initiated and the users will also be authenticated

It would work if you don't have cached logons enabled but only if the local network they are connecting doesn't require interaction to complete

<div>
We set up laptops that are joined to our domain for our remote users.<br />
<br />
We don't have any kind of VPN setup for the remote users.<br />
<br />
We would like to make it so that whenever the users log onto their computers they will be authenticated against the domain controller so that this way any new group policies and logon scripts can run.<br />
<br />
We would like to do this with Direct Access.<br />
<br />
<br />
Please provide me with the steps on how to setup Direct Access so that this will be possible.
</div>


We set up laptops that are joined to our domain for our remote users.

We don't have any kind of VPN setup for the remote users.

We would like to make it so that whenever the users log onto their computers they will be authenticated against the domain controller so that this way any new group policies and logon scripts can run.

We would like to do this with Direct Access.


Please provide me with the steps on how to setup Direct Access so that this will be possible.

<div>
<div class="content wysiwyg-content">
Please provide me with the steps on how to set up Direct Access within a Server 2016 network so remote users will always be authenticated against the domain controller.
</div>
</div>


Please provide me with the steps on how to set up Direct Access within a Server 2016 network so remote users will always be authenticated against the domain controller.

How to set up Direct Access within Server 2016 network so remote users will always be authenticated against domain controller

Networking is the process of connecting computing devices, peripherals and terminals together through a system that uses wiring, cabling or radio waves that enable their users to communicate, share information and interact over distances. Often associated are issues regarding operating systems, hardware and equipment, cloud and virtual networking, protocols, architecture, storage and management.

Networking

A virtual private network (VPN) is a network that uses a public telecommunication infrastructure, such as the Internet, to provide remote offices or travelling users access to a central organizational network securely. VPNs encapsulate data transfers using secure cryptographic methods and other security mechanisms to ensure that only authorized users can access the network and that the data cannot be intercepted.

Active Directory (AD) is a Microsoft brand for identity-related capabilities. In the on-premises world, Windows Server AD provides a set of identity capabilities and services, and is hugely popular (88% of Fortune 1000 and 95% of enterprises use AD). This topic includes all things Active Directory including DNS, Group Policy, DFS, troubleshooting, ADFS, and all other topics under the Microsoft AD and identity umbrella.

Active Directory

The Microsoft Server topic includes all of the legacy versions of the operating system, including the Windows NT 3.1, NT 3.5, NT 4.0 and Windows 2000 and Windows Home Server versions.

Microsoft Server OS

Windows 10 is a personal computer operating system featuring the "universal application architecture" (UAP); apps can be designed to run across multiple devices with nearly identical code, including PCs, tablets, smartphones, embedded systems, Xbox One, Surface Hub and HoloLens. Windows 10 also includes a virtual desktop system, a window and desktop management feature called Task View, the Microsoft Edge web browser, support for fingerprint and face recognition login, voice-based search (Cortana), new security features for enterprise environments, and DirectX 12 and WDDM 2.0 to improve the operating system's graphics capabilities for games.

Windows 10

Microsoft Azure is a cloud computing platform and infrastructure for building, deploying and managing applications and services through datacenters. It provides both platform-as-a-service (PaaS) and infrastructure-as-a-service (IaaS) services and supports many different programming languages, tools and frameworks, including both Microsoft-specific and third-party software and systems. Cloud Services is a PaaS environment and can be used to create scalable applications and services; there are specific software development kits (SDKs) provided by Microsoft for Python, Java, Node.js and .NET. Azure also has file and storage services, data management, analytics and DNS services.

Azure

Windows Server 2016 is the successor to Windows Server 2012 R2. Built upon the same core code as Windows 10, Windows Server 2016 brings enhancements in security, servicing, and connectivity. A particular focus on this release was hybrid-cloud scenarios, and has close ties to Azure and other Microsoft cloud initiatives. This does not detract from the many improvements that are available for on-premises-only deployments

Windows Server 2016 comes in Datacenter, Standard, and Essentials editions, and for servicing, has adopted windows 10's cumulative model. The new nano-server install is designed to be remotely managed and is designed to be kept current through continuous feature updates. The full GUI install operates similarly to windows 10's "Long Term Servicing Branch" (LTSB) model with cumulative security updates.

Windows Server 2016 has also shifted from a per-processor-and-CAL licensing model to a per-core-and CAL licensing model. This brings Windows Server's licensing more in line with Microsoft's other products and makes hybrid-cloud license planning easier as well.