I am working with a client that has 30 laptops which are configured for DirectAccess with on-premises SERVER-A. We are replacing SERVER-A with SERVER-B, which is in a cloud environment and has a different hostname. When we set up new laptops, they connect fine to DirectAccess on SERVER-B. However, we are having issues with the laptops already configured by Group Policy to use SERVER-A in trying to change them to using SERVER-B.

The only 100% reliable technique seems to be bringing the laptop inside the corporate network, unjoining it from the domain and rejoining it to the domain with the computer account in scope for the GPO which applies DirectAccess client settings for SERVER-B. However, there are over 20 laptops in very remote locations, so we cannot do that for all laptops. Does anyone have any experience on how to do the DirectAccess GPO change centrally, i.e. the laptop makes all the GPO changes whilst connected to the domain over the DirectAccess connection to SERVER-A?

Both SERVER-A and SERVER-B use the same public URLs for DirectAccess, i.e. directaccess.contoso.com, and I have added a script to the SERVER-B DirectAccess settings GPO to create a hosts file record that resolves directaccess.contoso.com to SERVER-B whilst the public DNS record points to SERVER-A. The laptop seems to get stuck in a disconnected state when swapping between the old GPO and new GPO while out in the field. Unjoining the laptop from the domain of course removes all effects of the old GPO first, so when you rejoin to the domain, the new GPO applies without any transition/overlap. We cannot do that in the field though.

Richard Gillis, GMTTC UK