Disabling and enabling Forefront UAG DirectAccess

Updated: February 1, 2011

Applies To: Unified Access Gateway

If you want to prevent DirectAccess clients from accessing the organization using the Forefront Unified Access Gateway (UAG) DirectAccess server, you can disable Forefront UAG DirectAccess. The following procedures describe how to disable and then enable Forefront UAG DirectAccess.

To disable Forefront UAG DirectAccess

1. In the Forefront UAG Management console, click DirectAccess to start the Forefront UAG DirectAccess Configuration Wizard.

2. From the opening Forefront UAG DirectAccess Configuration Wizard page, click Disable.

3. In the Forefront UAG Management console, click the Activate configuration icon, then on the Activate Configuration dialog box, click Activate.

4. If you want to remove Forefront UAG DirectAccess, you must also do the following:

   1. On the taskbar, click Start, click Administrative Tools, and then click Group Policy Management.

   2. From the Group Policy Management console, open Forest\Domains\domain\Group Policy Objects.

   3. Right-click each of the following objects, and click Delete.

      • UAG DirectAccess: AppServer{f7b77f47-7c33-4d8c-bb9a-a913c5675d8d}

      • UAG DirectAccess: DaServer{ab991ef0-6fa9-4bd9-bc42-3c397e8ad300}

      • UAG DirectAccess: Client{3491980e-ef3c-4ed3-b176-a4420a810f12}

To enable Forefront UAG DirectAccess

1. From the opening Forefront UAG DirectAccess Configuration Wizard page, click Enable.

2. If you deleted the Forefront UAG DirectAccess Group Policy objects from the Forefront UAG DirectAccess server, re-create the Group Policy objects by applying, or exporting the configuration script and then by running it. For more information, see Applying or exporting the Forefront UAG DirectAccess configuration.

3. In the Forefront UAG Management console, click the Activate configuration icon, then on the Activate Configuration dialog box, click Activate.