Connecting Remotely with Windows 8 DirectAccess

DirectAccess enables the business road warrior to seamlessly connect to the corporate network from any remote location with Internet access, without the need to establish a Virtual Private Network (VPN) connection. A smart card is needed for authentication with DirectAccess during the initial setup. From then on, the user can log on remotely at any time as long as his Internet connection isn't disrupted. Windows 8 introduces the concept of a virtual smart card, which offers the same benefits as a physical smart card without the hassle of having to hold onto a physical one. After the user's virtual smart card has been successfully enrolled, Windows 8 eliminates the need for a physical security card, and the user gets to enjoy the benefits of a single sign-on session as long as he has Internet access.

Prerequisites for Using DirectAccess

  • A PC running Windows 8 or Windows 8 Enterprise Edition or later.
  • The PC must be part of a deployed domain.
  • The user must have a physical smart card and smart card reader. If the user has a physical smart card but hasn’t used it to connect to the corporate network using IT VPN, the user must reset or unblock his smart card PIN. 
  • The PC must have a Trusted Platform Module (TPM) and the module must be initialized.


Checking for the PC's TPM

DirectAccess leverages your PC’s Trusted Platform Module (TPM) for strong authentication. If the PC does not have a TPM, the user is unable to use DirectAccess.
To check the computer for a TPM chip, type "tpm.msc" at the Windows 8 Start screen, and then tap or click the TPM application to open it.

In the TPM Management on Local Computer dialog box, under Status, check to see if a TPM chip is installed.

If the PC has a TPM chip but its status doesn't show that it is ready for use, go to the right side of the screen and, under Actions, click "Prepare the TPM", and then follow the on-screen instructions. After rebooting, the TPM will be ready to use. If the TPM is not enabled in the BIOS, it needs to be turned on in the BIOS menu.
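The machine-side prerequisites and the TPM status check above can also be verified from an elevated PowerShell prompt. The script below is an added example, not part of the original article; the function name Test-DirectAccessPrereq is hypothetical, and it assumes the built-in Get-Tpm and Get-CimInstance cmdlets that ship with Windows 8. It does not check for the physical smart card or reader.

```powershell
# Added example: checks the PC-side DirectAccess prerequisites from this page.
# Run elevated; Get-Tpm requires administrator rights.
function Test-DirectAccessPrereq {
    $checks = [ordered]@{}

    # Windows 8 reports OS version 6.2, so "Windows 8 or later" means >= 6.2.
    $os = Get-CimInstance -ClassName Win32_OperatingSystem
    $checks['Windows 8 or later'] = ([version]$os.Version -ge [version]'6.2')

    # The PC must be joined to a domain.
    $cs = Get-CimInstance -ClassName Win32_ComputerSystem
    $checks['Domain-joined'] = [bool]$cs.PartOfDomain

    # TPM must be present and initialized (ready for use).
    try {
        $tpm = Get-Tpm -ErrorAction Stop
        $checks['TPM present'] = [bool]$tpm.TpmPresent
        $checks['TPM ready']   = [bool]$tpm.TpmReady
    }
    catch {
        # Get-Tpm fails when not elevated or when no TPM is exposed to the OS.
        Write-Warning "Get-Tpm failed: $($_.Exception.Message)"
        $checks['TPM present'] = $false
        $checks['TPM ready']   = $false
    }

    # Emit one object per check so the result can be filtered or exported.
    foreach ($entry in $checks.GetEnumerator()) {
        [pscustomobject]@{ Check = $entry.Key; Passed = $entry.Value }
    }

    # Point at the remediation step the page describes for each TPM failure mode.
    if ($checks['TPM present'] -and -not $checks['TPM ready']) {
        Write-Warning 'TPM found but not ready: open tpm.msc and use "Prepare the TPM".'
    }
    elseif (-not $checks['TPM present']) {
        Write-Warning 'No TPM detected: confirm the TPM is enabled in the BIOS.'
    }
}

Test-DirectAccessPrereq | Format-Table -AutoSize
```

Any row with Passed set to False identifies the prerequisite that has to be fixed before enrolling a virtual smart card.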

Enrolling for a Virtual Smart Card

Users can use a physical smart card or a virtual smart card to authenticate to the corporate network with Windows 8 DirectAccess. A virtual smart card provides the same benefits as a physical smart card but is much more convenient. After successfully enrolling for a virtual smart card, the user won’t need to use a physical smart card to connect remotely to the corporate network using Windows 8.

Logging On from a Remote Location

If the PC is part of a deployed domain, the user doesn’t need to do anything to set up DirectAccess. At the Windows 8 logon screen, click "Sign-in options", tap or click the Virtual Smart Card icon, and then enter the virtual smart card password. Windows 8 will automatically connect to the corporate network using DirectAccess.