SwiftPoint
asked on
enable logon script for VPN
When a user logs in locally, the logon script runs and sets the drive mappings, etc.
When the same user VPN's in to the network, the login script doesn't even run!
How do I get the script to run when the user VPN's in. Do I set a GPO? The script is set in the users profile, so why won't it run?
When the same user VPN's in to the network, the login script doesn't even run!
How do I get the script to run when the user VPN's in. Do I set a GPO? The script is set in the users profile, so why won't it run?
firemanf29
What is your VPN solution?
The reason a login script does not run when the connection is a VPN is likely because the user loged into the localcomputer prior to getting the VPN established. The slow link detection is how the system determines whether to apply the GPO or not.
Like to prior post, depending on what you use to establish the VPN, you might be able to tie in a script that will map drives after the VPN is established.
Like to prior post, depending on what you use to establish the VPN, you might be able to tie in a script that will map drives after the VPN is established.
ASKER
There should be a way to do this in the GPO; this works for local logins, or somehow tell the system to execute the script in the user profile for a VPN connection.
Does the VPN have to be established for the user to login into the system?
If it does, you need to reduce the link speed detection requirement from 500k to 1k or less in the GPO.
If it does, you need to reduce the link speed detection requirement from 500k to 1k or less in the GPO.
ASKER
We are still having the issue.
The environment is a Windows 2003 Remote Access Services PPTP VPN.
Users are constantly having to manually browse to the Logon folder and run the
login batch file one they remote in to RAS.
When logging in locally to the network the logon script runs automatically.
The environment is a Windows 2003 Remote Access Services PPTP VPN.
Users are constantly having to manually browse to the Logon folder and run the
login batch file one they remote in to RAS.
When logging in locally to the network the logon script runs automatically.
The GPO does not apply unless the DC is within range and that is determined through the slow link check at startup.
Does the workstation's configuration is such that the VPN is established upon startup or is the VPN started by the user upon login into the workstation (at which point the login script would have run if the system was on the LAN).
Be careful with altering the slow speed check from 500kbs. The effect could be that the system could get locked out either through password policy (three wrong login attempts, Redirected folders could have issues, etc. rendering the remote system inoperable.)
It seems that you have found a cure which is to get the remote user upon establishing the VPN to run the script (Login script on the LAN).
Does the workstation's configuration is such that the VPN is established upon startup or is the VPN started by the user upon login into the workstation (at which point the login script would have run if the system was on the LAN).
Be careful with altering the slow speed check from 500kbs. The effect could be that the system could get locked out either through password policy (three wrong login attempts, Redirected folders could have issues, etc. rendering the remote system inoperable.)
It seems that you have found a cure which is to get the remote user upon establishing the VPN to run the script (Login script on the LAN).
ASKER
Thanks Arnold...not sure I would call manually starting the login script a solution, but that is how we
are managing it now. We need this automated.
To answer your question, the user is manually starting the VPN connection.
are managing it now. We need this automated.
To answer your question, the user is manually starting the VPN connection.
The only way in this setup to make this automated is if the VPN client can execute a process after the VPN is established. Alternatively, creating a script that will initiate the VPN connection and once that is complete will trigger the execution of the login script..
But since the VPN is manually initiated by the user, so must the script.
But since the VPN is manually initiated by the user, so must the script.
ASKER
hmm..ok...I would expect that if were were using MS RAS and Active Directory they would work together to
make this happen automatically.
make this happen automatically.
ASKER
Do you know how to add a batch file/script to a GPO so we can centrally manage the execution of a script for
calling the Login script.
Is there a particular GPO we should use, or do we need to create a new one?
calling the Login script.
Is there a particular GPO we should use, or do we need to create a new one?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks...we were hoping we could automate this...but seems had the only solution available in place. This expert confirmed we need to manually run the Login script.