DirectAccess Policy Management – Have it your way!

Forefront UAG 2010 makes extensive use of group policy objects for client provisioning, corporate servers, and the gateway itself. Customers familiar with this capability asked for more. More flexibility defining objects, and more control over their naming, placement and creation. Here are a couple of enhancements we’ve made in SP1 to meet these requests.

Organizational Units

Prior to SP1, you could define security groups that contained applicable end-users for DirectAccess. With the service pack are able to choose organizational units (OUs) instead.


Support Multiple Domains

In some scenarios the end-user’s machine is joined to a different domain than the one that user is authenticating against. For example, Bob is authenticating against CORPUSER domain while his machine belongs to domain CONTOSO. This scenario is now possible with UAG SP1, because you can define separate domains for clients’ computers and authentication.


Control Policy Names & Creation

Some customers use their own naming conventions for objects, so with SP1 you can not only change the name of the GPO, but also pre-create it, and let UAG fill in the designated containers. This can be useful when edge and GPO management responsibilities are handled by different administrators.


Skip to main content