Solved

Disable service or startup program based on hardware profile?

Posted on 2004-04-23
7
833 Views
Last Modified: 2010-04-13
I want to disable the VPN client for my users when they attach to the LAN.  I want it always active when they are off the LAN.
two ways stop the client.  Moving MUVPN icon out of the start menu.  OR stopping two services that are installed w/ the client.

I do not want the clients to enable/disable manually.  I am afraid they will forget to enable it and I want all traffic comeing
back to our main office for security purposes.   If the client is active while on the LAN no network resources work.

Know a way I can do this via group policy?
Or a script that can tell if the Laptop is docked or something? (maybe by hardware profile?)

I dont expect it to be able to tell if its on the network. I would be satisfied if when it is docked it would be disabled,
and enabled when not docked.

0
Comment
Question by:Eric
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
7 Comments
 
LVL 84

Expert Comment

by:oBdA
ID: 10901963
The solution is already in your subject: You can use hardware profiles. ;)
Right-click "My Computer", choose "Properties", go to the "Hardware" tab, click "Hardware Profiles".
Highlight the "Profile 1", click "Copy".
Name the old profile "LAN connection", name the new one "VPN connection" (or whatever is likely to be understood by your users).
Depending on your users again, choose a boot method (whether you want the machine to wait indefinitely for a choice to be made, or to choose a default connection after some time).
Then start services.msc, and disable the two services for the "LAN connection" profile (in the properties of the service, at the "Logon" tab).
The user will now be offered a choice of the two profiles when booting.
0
 
LVL 11

Author Comment

by:Eric
ID: 10903067
heh. See I know enough to know what to ask.  I did not know services are hardware profile dependent.  Sounds like exactly what I need.
It already has 2 proflies created by DELL.  One is "docked"  the other is "undocked"  I do not know what the differences are besides
one enables the onboard NIC and the other enables the docking stations NIC (while disableing the opposite)

I will give this a shot.   I wonder what would happen if they choose docked when its not docked :o
it does nto give you the option to choose even though it should bythe settings dictated in hardware profiles.

PS: this site needs spellchecking :)
0
 
LVL 11

Author Comment

by:Eric
ID: 10904142
This is not working for me.
I change the default status of the undocked profile to auto and docked to manual.
however which ever one I set last is true for both profiles.  As if it has nothing to do with profiles. :(

ideas?
0
Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

 
LVL 7

Expert Comment

by:PaulADavis
ID: 10904476
if the vpn client runs as a  service.... make a little batch file with - net stop service_name for the users.... name it something like 'in the office'.

have the users click on that when they are in the office to disable the vpn client, or set it as a scheduled task.

a little unconventional, but it could work :-)
0
 
LVL 11

Author Comment

by:Eric
ID: 10905308
I dont want them to have to remember because they wont.  I will no longer be allowing direct internet access to people whom work on the LAN.  It has to be active when they are not in the office w/o there interaction
0
 
LVL 84

Accepted Solution

by:
oBdA earned 500 total points
ID: 10913377
If I understood you correctly ("undocked profile to auto and docked to manual"), you're looking at the wrong tab in the services configuration. Don't use the "General" tab, use the "Logon" tab to enable/disable services in certain hardware profiles. You'll find a list of your available hardware profiles at the bottom; highlight the "Docked" profile and click on "Deactivate" for your services.

Maybe of use for you:

HOW TO: Create Hardware Profiles on Windows-Based Mobile Computers
http://support.microsoft.com/?kbid=225810

Service Does Not Start and Displays "Error 1058"
http://support.microsoft.com/?kbid=241584
0
 
LVL 11

Author Comment

by:Eric
ID: 10923014
Thanks.  Its working to perfection, plus i gained another useful general knowledge of windows that will help me in other situations.

0

Featured Post

Back Up Your Microsoft Windows Server®

Back up all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
This article describes how to import an Outlook PST file to Office 365 using a third party product to avoid Microsoft's Azure command line tool, saving you time.
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

710 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question