When our users connect locally on the network, as soon as AD authentication is passed, they receive a login script based on their OU to map certain drives. When users go home, power up their laptops, and log in, they don't receive the script and as such, don't get the drive mappings. Does GlobalProtect have a feature or option that will run the login script once it connects? Say once the GP application connects to the gateway, it runs a specific script based on the users OU, or something?
This is not a current feature in Global Protect.
I would create a shortcut to the shared login script location on the users desktop that they can run after the connection is made.
You can submit this as a new idea on the knowledgebase site for future releases.
Choose the "Create an Idea" link on the bottom left.
You can also contact your sales team. They can search the pending ideas and add your vote if this is already in the system for enhancements.
If you select "Pre-logon" as connexion method for your GP agent, GP should be enable before you user open windows session from home. Mean VPN is up then opening session in your AD then script should run.
The "Pre-logon" requires a registry entry if I'm not mistaken to tell the PC to connect to a certain SSID. Being that this solution will be deployed for users working from home, we have no way of knowing what their SSID's are...
There is a feature in Global Protect called pre-logon -- its under the client configuration on the portal. I use GP with the pre-logon for Win 7 clients and it works great. We also have a log on script that fires upon AD Auth and maps the users drive.
Have this in production with Pan OS5.0.10 and GP client of 1.2.9
Can anyone provide any feedback on this?
- we have laptops that we want to use the Global Protect client on.
- these laptops are NOT part of our domain
- some of drive mappings are done via a GPO
- some of our drive mappings are done via a Logon Script
- I want the user the authenticate and the drives be mapped automatically whichever way is possible (script or enforced GPO)
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!