Hello There,
Below is the step by step guide for Offline Domain Join:
https://technet.microsoft.com/en-us/library/offline-domain-join-djoin-step-by-step(v=ws.10).aspx
Using "offline domain join", you will be able to provision a DirectAccess client (ONLY if you have Windows 2012 DA and Windows 8 or above as the clients) --> this is becasue Windows 2012 DA/Windows 8 clients doesn't require Certificates to make
a DA connection.
If you have Windows 7/UAG DA/or Certificate based authentication (In case of DA2012 with Multisite or similar configuration) for your DA, apart from the above step you might have to manually import the certificates needed for DA on to clients to make
a successful IPSec(DA) connection.
On a longer run, you might also consider deploying a CEP/CES for certificate provisioning over internet; after "OfflineDomain Join"
http://blogs.technet.com/b/askds/archive/2010/05/25/enabling-cep-and-ces-for-enrolling-non-domain-joined-computers-for-certificates.aspx
Please let me know, how it goes.
-
Proposed as answer by
Vasu Deva
Monday, April 20, 2015 12:56 PM