Group Policy for Computers that are not connected ot the domain often

Client has 2-3 oddball computers that are members of the domain, but do not (physically) come into the office for months (or maybe even a year+) at a time.

Thus, these computers do not get GPO updates as frequently as they should.

The users of the computer also cannot be bothered to connect to the VPN because it requires effort on their part, and they just can't seem to remmeber to do it.

Question: what's the best way to accomplish this? Ideally, if I could have an "always on" connection to the VPN that just routed traffic for AD to the server, and routed everything else out their local interface, that would solve the problem.

Can that be setup?

Or are there other alternatives?
LVL 32
DrDamnitAsked:
Who is Participating?
 
Cliff GaliherConnect With a Mentor Commented:
DirectAccess or an MDM solution with agents such as Intune, AirWatch, MobileIron, etc.
0
 
Peter WilsonITCommented:
Hi,

Question: what's the best way to accomplish this? Ideally, if I could have an "always on" connection to the VPN that just routed traffic for AD to the server, and routed everything else out their local interface, that would solve the problem.

Can that be setup?
Yes, if your firewall supports SSL-VPN configurations like SonicWALL, for example, does then you can configure NetExtender to auto run and login at Windows login. You could even enable SSO to keep their passwords in sync with AD.

Make sense?
0
All Courses

From novice to tech pro — start learning today.