Export (0) Print
Expand All

Specifying client groups in SP1

Published: October 21, 2010

Updated: February 1, 2011

Applies To: Unified Access Gateway

For a client computer to be provisioned to use Forefront UAG DirectAccess it must be included in an OU, or the client computer must belong to the selected security group and one of the specified client domains. Once the Forefront UAG DirectAccess Configuration script is applied, computer clients included in the OU branch or Security groups are provisioned to receive DirectAccess Group Policy. This topic describes how to provision DirectAccess clients to receive these settings.

When you select OUs, the GPO is linked to the specified OUs, there is no security filtering, and the group policy is applied on all the computers in the selected OU. When you select security groups, the GPO is linked to the domain root, and the security filtering is for the selected security group. The group policy is therefore applied on all computers in the security group and in all the specified client domains.

noteNote:
If you apply Forefront UAG DirectAccess settings to pre-created GPOs that were created by the GPO administrator, this page does not appear in the Forefront UAG DirectAccess Configuration Wizard. This is because the OU or security group filtering must be configured by the GPO administrator.

  1. In the Clients and GPOs section of the Forefront UAG DirectAccess Configuration Wizard, on the Client Groups page, select OUs or security groups that contain the DirectAccess clients you want to receive DirectAccess Group Policy.

  2. If the DirectAccess clients are members of security groups:

    1. Click Security groups.

    2. Click Add, select the security groups containing the computer accounts that you want to enable for DirectAccess configuration, and click OK.

    3. Click Finish.

    4. If you need to add several security groups repeat step b for each security group.

    noteNote:
    Clicking Remove removes the currently selected security group from the list.

  3. If the DirectAccess clients are members of OUs:

    1. Click Organizational units (OU), and then click Add.

    2. In Select a domain, select a domain containing the OUs you wish to add.

    3. From the list of OUs, select an OU, and then click Add.

    4. When you have finished adding all the required OUs, click Close, and then click Next.

      noteNote:
      If you have domain trusts configured, repeat steps b and c for each domain.

    noteNote:
    Clicking Remove removes the currently selected OU from the list.

 
Was this page helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2014 Microsoft