I'm quite interested in the management features of Direct Access. That is, I'd love to be able to consistently apply GPOs to our remote users. However, we're also strict about multi-level authentication (our VPN requires group credentials before the user's credentials). Is there any way to satisfy that requirement and also utilize Direct Access? Thanks

Hi mhashemi, Thanks for posting here. Based on my understanding that the authentication method and process of Direct Access is different from VPN connection . By default, Direct Access supports standard user authentication using a computer certificate and user account name and password credentials. You might also like to implement additional authorization with smart cards if you have a greater security consideration. DirectAccess Authentication http://technet.microsoft.com/en-us/library/dd637823(WS.10).aspx Choose an Authentication and Authorization Scheme http://technet.microsoft.com/en-us/library/ee382320(WS.10).aspx DirectAccess Test Lab Extension: Using Smart Cards for Additional Authorization http://social.technet.microsoft.com/wiki/contents/articles/directaccess-test-lab-extension-using-smart-cards-for-additional-authorization.aspx Thanks. Tiger Li TechNet Subscriber Support in forum If you have any feedback on our support, please contact tngfb@microsoft.com Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

Hi mhashemi, If there is any update on this issue, please feel free to let us know. We are looking forward to your reply. Tiger Li TechNet Subscriber Support in forum If you have any feedback on our support, please contact tngfb@microsoft.com Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.