Our users will have 2 Global Protect Portals to choose from.
The users sometimes log in to windows with a smart-card and sometimes with a normal AD-account (Username and password).
Not sure if it's possible but can we force what portal they connect to based on what account they log in on?
Theres one portal for smart-card users and one for the normal accounts.
I suppose you could do this by setting the GP portal in the local user registry, a domain member could be set to portal A and any other, portal B, you can then prevent user from changing portal address via the portal agent config.
As a workaround at the moment we are guiding users to connect to the correct portal at first login. When that is done it seems to be saved in the local profile and they do not have to change it again.
This does not affect alot of users so the manual work is fine at the moment. Would just be nice to be able to get it to be handled automatically.
The base portal is located in "local machine" and in "Current User" i found a sting value "LastUrl" that it changed when the user connect to the other portal. Not sure how these could be changed based on login..
Hmm,,, this may be possible via a GP pre logon script, perhaps a local test to check who has logged in and apply to portal reg setting.
not really my thing but may be something your into...
can i ask why 2 seperate portals?..
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!