Logon to domain via VPN, execute domain login script with Global VPN Client (GVC)

Description

Execute logon script when connected - allows the Global VPN Client to perform domain authentication after logging into the SonicWall VPN Gateway and establishing a secure tunnel.

Resolution

In order to do this:

  • the Execute logon script when connected option in the connection properties must be checked,
  • NetBIOS must be enabled in the GroupVPN Advanced settings. 
  • The computer must have logged onto the domain at least once, so the domain login credentials would be cached. 

The next time the GVC establishes a connection, it checks system variables (USERDOMAIN in cmd> SET) to find the domain and then sends a NetBIOS broadcast for the domain name (“who’s the domain controller for xxxxx domain?”). 

The domain controller responds with its information (“I am.  My IP is x.x.x.x.”), and the client sends its cached login credentials.  The domain controller authenticates the client and tells it which login script (in the Netlogon share) to run. 

GVC uses SMB to connect to the share and download the login script.  If any changes have been made to the login scripts, the client should pick it up the next time it connects.

See Also: LOGON SCRIPTS

Related Articles

  • SonicOS 8.1.0 FAQ
    Read More
  • SonicWall GEN8 TZs and GEN8 NSas Settings Migration
    Read More
  • Getting started with SonicWall firewalls
    Read More

Categories

Firewalls
SonicWall NSA Series
Firewalls
SonicWall SuperMassive 9000 Series
Firewalls
SonicWall SuperMassive E10000 Series
Firewalls
TZ Series
not finding your answers?
Ask the Community