I'm in the process of replacing an old 2012 DirectAccess server with a new 2012 R2 server. I have a Win 7 x64 SP1 test machine that will bring back the old servers NRPT entries when I run a gpupdate /force, which breaks DirectAccess due to incorrect name resolution. When I run gpresult to find the source of the entries, "Local Group Policy" is listed.
I can go into Group Policy Editor for local machine manually delete the entries, apply the settings, and see the entries disappear from the registry under HKLM\SOFTWARE\Policies\Microsoft\Windows NT\DNSClient\DnsPolicyConfig when I refresh the registry editor. At this point, if I reboot the machine and log back in, DirectAccess will connect. However, if I gpupdate /force, the entries come back again citing local group policy. There does not appear to be a group policy from the domain creating the entries as extra registry settings. Has anyone experienced or fixed similar behavior?
* The NRPT entries were previously imported using a reg script. However, even using a new reg script to clear all existing entries and generate new ones does not change the gpupdate behavior. Gpupdate without the force parameter does not exhibit the issue.