3 Replies Latest reply on Dec 15, 2016 7:17 AM by ThariqM

    Flex 1.8 Windows 10 DirectAccess problems...

    curtisbrown_01 Novice

      Hi All,


      I'm running up a Flex installation.  We have Flex set up and working in that we can distribute our Windows 10 image.  If we do this on the LAN, Domain Join is successful and the user logs on fine.


      However, what we want to do is distribute images to internet connected users using DirectAccess in Windows 10 VMs.  Information is very scarce on how to set Windows 10 DirectAccess on Flex up (pre-reqs etc).


      We have the entitlement set up to point towards (what we think are) the relevant GPO and certificate.  When we deploy a VM over an internet connection, the VM downloads successfully and the VM starts up.  However, the VM fails to rename and domain join also fails.  There's no information as to whether it's even tried to configure DirectAccess, but we doubt it, hence the subsequent failure to name and join AD.  The only clue so far is looking at the Workstation Player logs, it reports an error stating that that the current user does not have permission to enrol for certificates.


      So  - Is there instructions/pre-reqs or even a how-to on setting up deployment of Windows 10 images with Flex using Direct Access to VPN in and domain join etc?


      Perhaps something for the deployment considerations document too???


      Kind regards,



        • 1. Re: Flex 1.8 Windows 10 DirectAccess problems...
          barakni Novice
          VMware Employees

          did you follow the guide?

          (Optional) Configure Microsoft DirectAccess support for Horizon FLEX virtual machines.

          DirectAccess enables remote users to access shared resources, web sites and applications on an internal network without connecting over a VPN. To support DirectAccess, the Horizon FLEX virtual machine must be running Windows 8.1 or later. The Horizon FLEX server must be deployed on Windows Server 2012 or later. The Active Directory server must be configured to support DirectAccess. For more information, see the Microsoft documentation.


          In the Policy Names field, enter the Group Policy object (GPO) names that are used to initiate DirectAccess.

          Each policy name is the display name of the GPO in the Active Directory directory service. Separate each policy name using a semicolon.


          (Optional) Select the Import Root CA Certificates checkbox to import the root certificate authority certificates.


          (Optional) Select the Reuse any existing computer account checkbox to overwrite any existing computer accounts of the virtual machine at the domain joining operation.

          • 2. Re: Flex 1.8 Windows 10 DirectAccess problems...
            curtisbrown_01 Novice

            Yes, followed the guide.  Wasn't successful. However, the issue was further investigated and contributed to the blob size fix in 1.9.

            • 3. Re: Flex 1.8 Windows 10 DirectAccess problems...
              ThariqM Lurker

              Hi Curtis,


              We have exactly the same problem, did you manage to get this working ? We suspect its the way the GPO for DA is configured ?