In Step 16 of Chapter 7, it says the following:
"After some time all but one should be green. Again ignore the red warning."
This is in regards to the red flag on the "Services" component of DirectAccess.
Does this red ever get fixed? I have completed the tutorial, and have tried to do the troubleshooting validation at the end. I don't see "Direct Access" in the Settings app as shown in the screenshot in step 1 of "Test from inside your LAN". Then when I do the Get-DAConnectionStatus in PowerShell, I get the following error result:
Get-DaConnectionStatus : Network Connectivity Assistant service is stopped or not responding. At line:1 char:1 + Get-DaConnectionStatus + ~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : NotSpecified: (MSFT_DAConnectionStatus:root/StandardCi...onnectionStatus) [Get-DAConnect ionStatus], CimException + FullyQualifiedErrorId : Windows System Error 1753,Get-DAConnectionStatus
I don't see the rules specified in step 3 of the troubleshooter. I see the following GroupPolicy error in the System log in Event Viewer:
Log Name: System Source: Microsoft-Windows-GroupPolicy Date: 6/23/2018 3:19:28 PM Event ID: 1130 Task Category: None Level: Error Keywords: User: SYSTEM Computer: WORKSTATION-ZZZ.coretec.local Description: Startup script failed. GPO Name : Windows SBS CSE Policy GPO File System Path : \\coretec.local\SysVol\coretec.local\Policies\{828B44A6-E821-44E3-BB39-9924FA73C27C}\Machine Script Name: \\coretec.local\SysVol\coretec.local\ClientAgent\ClientAgent.vbs Event Xml: <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Microsoft-Windows-GroupPolicy" Guid="{AEA1B4FA-97D1-45F2-A64C-4D69FFFD92C9}" /> <EventID>1130</EventID> <Version>0</Version> <Level>2</Level> <Task>0</Task> <Opcode>0</Opcode> <Keywords>0x8000000000000000</Keywords> <TimeCreated SystemTime="2018-06-23T20:19:28.234871000Z" /> <EventRecordID>2781</EventRecordID> <Correlation ActivityID="{C5342E83-B0E5-469D-82CB-771F73295635}" /> <Execution ProcessID="1316" ThreadID="1520" /> <Channel>System</Channel> <Computer>WORKSTATION-XXX.coretec.local</Computer> <Security UserID="S-1-5-18" /> </System> <EventData> <Data Name="SupportInfo1">0</Data> <Data Name="SupportInfo2">0</Data> <Data Name="ErrorCode">53</Data> <Data Name="ErrorDescription">The network path was not found. </Data> <Data Name="ScriptType">0</Data> <Data Name="GPODisplayName">Windows SBS CSE Policy</Data> <Data Name="GPOFileSystemPath">\\coretec.local\SysVol\coretec.local\Policies\{828B44A6-E821-44E3-BB39-9924FA73C27C}\Machine</Data> <Data Name="GPOScriptCommandString">\\coretec.local\SysVol\coretec.local\ClientAgent\ClientAgent.vbs</Data> </EventData> </Event>
By the way, I tested with a remote client also, and while they were able to connect via VPN, they had the same results for DirectAccess as I documented above.
Now I am confused. I had DirectAccess working on my Windows 10 Pro clients for the past 2 years on my 2012 R2 Essentials environment. Now I am reading that DirectAccess only works with Enterprise clients (and has always been that way). My Pro clients can connect to my new 2016 Essentials environment via VPN, but DirectAccess doesn't work (which is consistent with what I am reading online - but not consistent with my experience over the past couple of years). Can someone please confirm whether DirectAccess only works for Enterprise clients in a 2016 Essentials environment?
That Group Policy is something from an older SBS 2008. I assume you migrated but you did not cleanup?
Yes...I had previously migrated from SBS 2008 to 2012 R2 and there was probably quite a number of things that didn't get cleaned up. Does that matter in determining whether DirectAccess works or not? In other words, are there certain group policies that will allow DirectAccess to work even for Windows 10 Pro clients?