Deivce internal vs external?
We have checkout laptops for users to checkout. We have a internal web site that automatically defaults to the web browser when the user opens up a browser. This web page only opens up when the user is internal. By the way, everything is SSO to get into this web page. When the user is not on our network and external the web page does not work unless the person runs a little batch file that we created. The batch file basically gives the browser the external version of URL to make it work. We want to come up with a better solution than having the user manually run the batch file when internal vs external? Any other thoughts...ideas...solutio
My first thought would be to add an entry into the hosts file of the laptops.
ASKER
To clarify:
We have a website for employees only that is available internally and externally.
Internal IP1: The bulk (80+%) of the usage is internally from PC's dedicated to individual users. Those users are SSO'd into the site via IWA. Internal DNS points to this IP.
Internal IP2: For shared or special machines internally, we have a hosts file that sends the client PC to the same domain name, but a different IP, so that the site presents a form login page (since it's a client with invalid webpage credentials, so IWA will not work for them). A hosts file is put onto these PC's to send them to that special forms login page IP.
Externally (IP3) -- all users are sent via Public DNS to a form login, again the website has the same name.
There are several code modules on the site that are coded for that domain name, so it's important the user and browser see the 1 domain name, regardless of entry point or login method.
The problem is that "checkout" / "loaner" laptops if used internally, will get a funky IWA prompt. These laptops had been really only used to work externally while travelling in the past, but we're getting more requests to use them internally.
If we put a hosts file on them, they won't work externally.
If we don't put a hosts file on them (current setup), they can't work internally.
So, one option was to somehow detect if the PC is internal v. external and then somehow launch a batch file, on logon and/or logoff to update the hosts file. We could have host_INT and hosts_EXT somewhere on the C: drive and then just copy the appropriate one into place.
The default usage will still be external, so to me the best option is to somehow detect it's internal, then copy the host_INT over hosts (only 1 entry to worry about for us anyway). Then on shutdown / logoff copy hosts_EXT over hosts to put it back to normal.
We have a website for employees only that is available internally and externally.
Internal IP1: The bulk (80+%) of the usage is internally from PC's dedicated to individual users. Those users are SSO'd into the site via IWA. Internal DNS points to this IP.
Internal IP2: For shared or special machines internally, we have a hosts file that sends the client PC to the same domain name, but a different IP, so that the site presents a form login page (since it's a client with invalid webpage credentials, so IWA will not work for them). A hosts file is put onto these PC's to send them to that special forms login page IP.
Externally (IP3) -- all users are sent via Public DNS to a form login, again the website has the same name.
There are several code modules on the site that are coded for that domain name, so it's important the user and browser see the 1 domain name, regardless of entry point or login method.
The problem is that "checkout" / "loaner" laptops if used internally, will get a funky IWA prompt. These laptops had been really only used to work externally while travelling in the past, but we're getting more requests to use them internally.
If we put a hosts file on them, they won't work externally.
If we don't put a hosts file on them (current setup), they can't work internally.
So, one option was to somehow detect if the PC is internal v. external and then somehow launch a batch file, on logon and/or logoff to update the hosts file. We could have host_INT and hosts_EXT somewhere on the C: drive and then just copy the appropriate one into place.
The default usage will still be external, so to me the best option is to somehow detect it's internal, then copy the host_INT over hosts (only 1 entry to worry about for us anyway). Then on shutdown / logoff copy hosts_EXT over hosts to put it back to normal.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks David, we will have to give this a try.