Hello,
When using Direct Access with force tunneling, our workstations are having problems with applying computer policies. This topic has been already discussed on the Forefront forum and the solution is provided in here:
http://geek.martinwahlberg.com/problem-using-forced-tunneling-mode-in-directaccess
And I can confirm that this works, as I have tested this in our new DA environment. Though I'd appreciate if someone could answer some questions before I go to the management with the proposed solution.
1) Why changing the local name resolution options from the recommended to the least restrictive is necessary to fix this? Is there an official Microsoft statement on this?
2) The fact that the least restrictive option is necessary immediately brings questions about security. What are the the threats of having this option selected?
Kind regards,
Wojciech