DirectAccess scripting allows you to use a PowerShell script to run a combination of Network Shell (Netsh) and PowerShell commands to configure DirectAccess with all of the required Group Policy objects and settings.

The DirectAccess snap-in generates an Extensible Markup Language (XML) data file whenever you save or apply settings. The default location for this file is %windir%\DirectAccess\DirectAccessConfig.xml. You can modify and customize this XML file by using the XML tags in the file. For example, the <InternalNetworkInterface> tag allows you to manually specify the name and ID of the internal network interface on the DirectAccess server. The customized XML file can then be passed as an input to a PowerShell script named Engine.ps1 to configure a DirectAccess server and all of the required Group Policy settings.

The Engine.ps1 PowerShell script is available at the Script Center Script Repository on Microsoft Technet (http://go.microsoft.com/fwlink/?LinkId=145944).

The syntax for executing the script is the following:

engine.ps1 –mode {serveronly|gpsettingonly|all} [–data <dataFilePath>] [-log <logFilePath>]

Additional references

  • Use Group Policy to Configure DirectAccess Clients
  • Use the DirectAccess Snap-in to Monitor DirectAccess