locked
Multi-level authentication and Direct Access RRS feed

  • Question

  • I'm quite interested in the management features of Direct Access. That is, I'd love to be able to consistently apply GPOs to our remote users. However, we're also strict about multi-level authentication (our VPN requires group credentials before the user's credentials). 

    Is there any way to satisfy that requirement and also utilize Direct Access?

    Thanks

    Monday, September 27, 2010 5:48 PM

Answers

All replies

  • Hi mhashemi,

     

    Thanks for posting here.

     

    Based on my understanding that the authentication method and process of Direct Access is different from VPN connection .

    By default, Direct Access supports standard user authentication using a computer certificate and user account name and password credentials.

    You might also like to implement additional authorization with smart cards if you have a greater security consideration.

     

    DirectAccess Authentication

    http://technet.microsoft.com/en-us/library/dd637823(WS.10).aspx

     

    Choose an Authentication and Authorization Scheme

    http://technet.microsoft.com/en-us/library/ee382320(WS.10).aspx

     

    DirectAccess Test Lab Extension: Using Smart Cards for Additional Authorization

    http://social.technet.microsoft.com/wiki/contents/articles/directaccess-test-lab-extension-using-smart-cards-for-additional-authorization.aspx

     

    Thanks.

     

    Tiger Li

     

    TechNet Subscriber Support in forum

    If you have any feedback on our support, please contact tngfb@microsoft.com  


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
    Tuesday, September 28, 2010 2:48 AM
  • Hi mhashemi,

    If there is any update on this issue, please feel free to let us know.

    We are looking forward to your reply.

    Tiger Li

    TechNet Subscriber Support in forum
    If you have any feedback on our support, please contact tngfb@microsoft.com 


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
    Friday, October 1, 2010 9:43 AM