[gptalk] How to: Pass GP logon scripts upon VPN connection?

  • From: "Mills, Mark" <Mark.Mills@xxxxxxxxxxxxxxxxxxxxxx>
  • To: <gptalk@xxxxxxxxxxxxx>
  • Date: Wed, 20 Sep 2006 11:34:53 -0500

Looks like a made a mountain out of a mole hill.  Do I just need need to
perform a copy of my current domain based GPO script to a the Localized
GPO as discussed at http://www.gpoguy.com/faqs.htm#Scripts 


I don't think that will work either because it wouldn't be able to
connect mapped drives until they created the VPN, right?  Never mind, I
thought I had found an answer to this by reviewing old gptalk posts by
Darren and others.  OK back to researching.....


Mark Mills


I have some users who create a VPN tunnel to the network when they
travel.  The VPN endpoint passes their VPN logon credentials to the
domain IAS server (Internet Authentication Server) which then either
allows the VPN router to connect them to the domain via VPN, or deny
them access.


Once on the VPN, I need to have their machine run their standard Group
Policies logon scripts - most of the logon scripts are standard VB drive
mappings, some in loopback processing mode. (even if I could get just
the user side GP setting applied it would be acceptable.)


Darren - if this is specifically addressed in one of your books, just
tell me and I will go buy it (please reference a title, page number, and
ISBN # there is a Barnes and Noble down the street) - Or if Jeremy
Moskowitz is listening, I bought your book, tell me what to look under
to find my solution.  I'm not trying to freeload information - even if
someone can give me some key words to Google for this I would be


End Result:

I need my end result to be that they get all their GP based mapped
drives upon logging into the VPN.  They get one set of mapped drives by
default, but then get other mapped drives depending on what hardware
they are on (pc or laptop) and these are the mapped drives that are
passed down in loopback processing mode because laptops are in one OU,
while pc's are in another.


I haven't seen a Microsoft method to run a script upon VPN connection to
our network.  I've looked at the "dial-in" tab in ADU&C, and also tried
to see if there was a method to accomplish this with a connection policy
in IAS.  I feel as if I'm left having to create a WMI script that says
something to the effect - if connected to a 15.15.15.x network then run
this script at c:\scripts\vpnmappings.vbs


If all of this is absolutely impossible, then can someone tell me how to
make a "persistent" mapped drive when using VBScript?  My logons
currently use a VB script but they are not persistently mapped.


Mark Mills


Other related posts:

  • » [gptalk] How to: Pass GP logon scripts upon VPN connection?