Corrupted Name Resolution Table (NRPT) #DirectAccess
Last week I had some issue’s with connecting to corporate network by DirectAccess. The System Log pointed me tot the following: Event ID: 1023 Source: DNS Client Events. Name resolution policy table has been corrupted.
For some reason, the rules that come from DA GPOs had been duplicated. The originals from GPOs were named as “UAGDA Rule1” to “UAGDA Rule3” and the duplicates were named simply “Rule 1” to “Rule 3” (HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\DnsClient\DnsPolicyConfig).
By removing the duplicate rules and restarting the DNS Client service name resolution was solved. After establishing a “legacy” VPN connection to our corporate network I refreshed Group Policy and voíla, everything (DNS name resolution and DA) is working again. Netsh name show effective shows the correct entries and only the same 7 entries exist in the registry under DNSPolicyConfig
Windows 7 Direct Access Troubleshooting
During TechDays 2011, John Craddock presented two great sessions DirectAccess Under the Hood and How to troubleshoot DirectAccess. These sessions are actually a redelivery of TechEd Berlin 2010. During the session of Troubelshooting DirectAccess I was pointed to a default built-in Windows 7 capability troubleshoot DirectAccess, which was new for me. This capability might handy for ‘ default’ end-user additonal to DirectAccess Connectivity Assistent (DCA) (Control Panel\All Control Panel Items\Troubleshooting\Network and Internet\Connection to a Workplace Using DirectAccess)
Sources
Categories
Modern Workplace 
I landed here whilst searching for what causes the UAG rules to duplicate – several of my users have had similar issues. Really appreciate the links to the troubleshooting presentations. However, I’m still trying to find out what causes the rules to duplicate….. anyone have any thoughts?