Group Policy for Computers that are not connected ot the domain often

Client has 2-3 oddball computers that are members of the domain, but do not (physically) come into the office for months (or maybe even a year+) at a time.

Thus, these computers do not get GPO updates as frequently as they should.

The users of the computer also cannot be bothered to connect to the VPN because it requires effort on their part, and they just can't seem to remmeber to do it.

Question: what's the best way to accomplish this? Ideally, if I could have an "always on" connection to the VPN that just routed traffic for AD to the server, and routed everything else out their local interface, that would solve the problem.

Can that be setup?

Or are there other alternatives?
LVL 32
DrDamnitAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Cliff GaliherCommented:
DirectAccess or an MDM solution with agents such as Intune, AirWatch, MobileIron, etc.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Peter WilsonITCommented:
Hi,

Question: what's the best way to accomplish this? Ideally, if I could have an "always on" connection to the VPN that just routed traffic for AD to the server, and routed everything else out their local interface, that would solve the problem.

Can that be setup?
Yes, if your firewall supports SSL-VPN configurations like SonicWALL, for example, does then you can configure NetExtender to auto run and login at Windows login. You could even enable SSO to keep their passwords in sync with AD.

Make sense?
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2012

From novice to tech pro — start learning today.