Is there any way, with Direct Access on Windows Server 2012 R2, to prevent multiple simultaneous (concurrent) connections by a single user on different PC's? I realize this is not a native function of Direct Access 2012 R2 but perhaps this is achievable by policy, script or some other means. Appreciate any advice.

• Edited by Barkley Bees Tuesday, January 20, 2015 6:12 AM

Hi There - the DirectAccess Client is computer specific - therefore any domain user can logon to the client and use DirectAccess. However, you could restrict the logon locally rights of the clients using GPO, which could prevent the same user credentials being used multiple times, however I have not done this in real world but should work. I fear the nightmare will be keeping track of who is who and where is where. Perhaps test out the solution above.

A nice article here - http://ravingroo.com/267/active-directory-user-workstation-logon-restriction/

Kr