As you probably might know Forefront UAG DirectAccess deployment requires a public key infrastructure (PKI) to issue certificates to DirectAccess clients, the Forefront UAG DirectAccess server, and the network location server.
Certifcates used by DirectAccess can be catagorized by:
- Autoenrollment for computer certificates
- Manual enrollment for network location server and IP-HTTPS certificates
- Smart cards for additional authorization