Can Windows Server 2016 be a DirectAccess client?


As a follow-up to my last post about connecting branch offices via DirectAccess, what if that branch office has a local server? Maybe you have an onsite RODC to make authentications faster. Or perhaps a local file server so the branch office computers don’t have to reach over the WAN all the time for their documents, slowing them down. Whatever the reason you have a Windows Server running in your branch office, the answer is YES! Those servers can become DirectAccess CLIENT computers, and connect back to the main office via DirectAccess themselves. There really is no need for your branch offices to have expensive or complicated site-to-site VPNs or MPLS circuits, all you need is a regular internet connection combined with the DirectAccess you are already running for your clients (you are running DirectAccess, right? If not, get it now!).

You have probably seen the list of client operating systems which can be DirectAccess client computers, but what many people don’t realize is that this “client” list also extends into the Windows Server world. Here is the full list of operating systems which can connect via DirectAccess:

Windows 7 Ultimate
Windows 7 Enterprise
Windows 8.x Enterprise
Windows 10 Enterprise
Windows 10 Education
Windows Server 2012
Windows Server 2012 R2
Windows Server 2016

And what special tricks or hoops do we need to jump through in order to make our Windows Servers connect via DirectAccess? Nothing! Simply add them to your “DirectAccess Computers” group just like you would with any laptop or tablet that you wanted to connect via DirectAccess. Those servers will pull down their DA connection settings, and the next time they are connected over a regular internet connection, they will connect back to the main datacenter automatically, just like any other DA client machine.

Jordan Krause
jordan.krause@ivonetworks.com