I was looking for a way to temporarily disable DirectAccess on the Windows 7 client recently when testing UAG with AD FS 2.0 and needed a quick and relatively pain-free manner of making sure that DA wasn’t interfering… Giving the IP Helper service a kick on servers in the past has often given the right result with IPv6 and ISATAP, so it seemed logical that stopping the IP Helper service on the client might also have the desired effect
NET STOP IPHLPSVC
This did the trick.. no more DirectAccess.. nothing has blown up and restarting the Helper service using NET START IPHLPSVC brought DA back up
2 thoughts on “Disable DirectAccess on the Windows 7 Client (Temporarily)”
I need to disconnect the PC from the network after stopping IP helper service to kill DA completely.
And alternative to stopping the “IP Helper” service is to modify the HKLM\SOFTWARE\Policies\Microsoft\Windows NT\DNSClient, EnableDAForAllNetworks registry value. This seems to be the same thing the DirectAccess Connectivity Assistant (DCA) does to change to “Use local DNS resolution”. See my post for more details http://whpwtfdidn.blogspot.com/2014/08/directaccess-client-enabledisable-from.html