I'm having trouble finding the correct administrative installation process. I have several field reps that do not have administrative rights to their laptops. I need to install GlobalProtect for them and have it pre-configured with proper certificates, portal addresses, etc. My certificates are self-generated by the firewalls, so are not trusted by a third-party such as goDaddy. My installation process is: login with a proper administrative account install the proper certificates into local computer and local user stores install the agent using msiexec /i globalprotect.msi POSTVPNCONNECTCOMMAND=\\server\path\logon.bat PORTAL=vpn.domain.us /quiet This sets up the first portal, but I have two portals. I've tried importing registry files for the second portal and it works for user that ran the install, but not for any other user on the system. All other users only have the portal created by the msiexec install. So how do I install the agent with two portals? When the user first logs in, they are asked to accept the certificate of the portal, even though the cert is previously installed. This acceptance is only required the first time the user logs in. How do I have the agent accept this certificate so not to ask the end user?
... View more