locked
Direct Access RRS feed

  • Question

  • Hi all,

    could someone me explain, where I've have advantages of using DA in a mixed mode SCCM2012 environment or what are disadvantages? Is DA to takeover client remotly, when tehy are outside the LAN?

    Thankx

    Regards

    Carsten

    Tuesday, May 15, 2012 4:25 PM

Answers

  • You don't have to deal with PKI certs for https mode when using DA. Clients will be able to connect to the corporate network automatically as soon as they got internet connection. It requires a domain joined client (so you cannot manage workgroup clients).

    Torsten Meringer | http://www.mssccmfaq.de

    Tuesday, May 15, 2012 4:50 PM

All replies

  • You don't have to deal with PKI certs for https mode when using DA. Clients will be able to connect to the corporate network automatically as soon as they got internet connection. It requires a domain joined client (so you cannot manage workgroup clients).

    Torsten Meringer | http://www.mssccmfaq.de

    Tuesday, May 15, 2012 4:50 PM
  • A few things to consider about DA:

    - It requires Windows 7 / Server 2008 R2 or higher

    - It is quite complex in both infrastructure and requirements

    - DA still requires a PKI (according to http://technet.microsoft.com/en-us/library/dd637797(v=ws.10).aspx)

    - If you use DA, you don't need to use native mode; clients behave as if they are in the local intranet and will work fine in mixed mode

    I'm not sure what your requirements are in particular but depending on your needs for remote client management you may be better served with the combination of Internet Based Client Management/native mode versus DA. As always, YMMV.


    Tuesday, May 15, 2012 5:26 PM
  • We have Direct Access fully rolled out and I absolutely love it.  It makes the job of keeping clients up to date so much easier than hoping for users to VPN in...  Fortunately we are 100% Windows 7 now, so that's not an issue...and only the DA server needs to be running 2008 R2 (not every server in your entire company).  Yes it is complex to setup and yes PKI is still in the mix as are some GPOs...  However, once you have it all setup and running your computers just make a secure connection back into the corporate network (before users even login in some cases) and therefore SCCM just sees them as if they're any other computer on your network.  I've even been able to Remote Control machines that are connected over Direct Access...which is quite nice.  IMO it's well worth the time and effort to get it setup.

    Mike...

    Tuesday, May 15, 2012 7:41 PM
  • Hi Guys,

    thanks a lot for your feedback. So I've Information do make a desicion regarding to use it or not.

    Thanks

    Regards

    Carsten

    Wednesday, May 16, 2012 4:24 PM
  • Keep in mind, that DA in Windows 2012 server enviroment will be much easier to administer than in 2008 R2.
    Saturday, May 19, 2012 9:08 AM