Solved

Group Policy for Computers that are not connected to the domain often

Posted on 2014-10-03
Last Modified: 2015-02-09
Client has 2-3 oddball computers that are members of the domain, but do not (physically) come into the office for months (or maybe even a year+) at a time.

Thus, these computers do not get GPO updates as frequently as they should.

The users of the computer also cannot be bothered to connect to the VPN because it requires effort on their part, and they just can't seem to remember to do it.

Question: what's the best way to accomplish this? Ideally, if I could have an "always on" connection to the VPN that just routed traffic for AD to the server, and routed everything else out their local interface, that would solve the problem.

Can that be set up?

Or are there other alternatives?
Question by:DrDamnit
2 Comments
 
LVL 58

Accepted Solution

by:
Cliff Galiher earned 500 total points
ID: 40360437
DirectAccess or an MDM solution with agents such as Intune, AirWatch, MobileIron, etc.
 
LVL 2

Expert Comment

by:Peter Wilson
ID: 40449166
Hi,

Question: what's the best way to accomplish this? Ideally, if I could have an "always on" connection to the VPN that just routed traffic for AD to the server, and routed everything else out their local interface, that would solve the problem.

Can that be set up?
Yes, if your firewall supports SSL-VPN configurations, as SonicWALL does, for example, then you can configure NetExtender to auto-run and log in at Windows login. You could even enable SSO to keep their passwords in sync with AD.

Make sense?