Hello, ran across this practice question and wanted to think through it with others.
Your network contains one Active Directory domain named lab.local. You complete a trial deployement of DirectAccess for a test group called "LAB\Test Computers". The trial is now complete and you need to enable Direct Access for all computers in the domain.
A. From Windows PowerShell, run the Set-DAClient cmdlet.
B. From Windows PowerShell, run the Set-DirectAccess cmdlet.
C. From Active Directory Users and Computers, modify the membership of the Windows Authorization Access Group.
D. From Group Policy Management, modify the security filtering of an object named Direct Access Client Setting Group Polcy.
So "A" doesn't seem to be correct as the "Set-DaClient" seems to only be used to change other unrelated settings like "Force Tunneling". "B" doesn't seem to work as "set-DirectAccess' doesn't appear to be a valid cmlet.
I can't decide if "C" or "D" is the correct answer.. Based on my research it appears that a security group must be used to execute the recommended Microsoft deployment.
Because the group "LAB\Test Computers" was used to deploy the current solution, I imagine this group would need to be swapped out for a different group either on the security filtering tab of the GPO or somewhere in the Direct Access config.. Anyone out there with a bit more experience with this role able to comment?