Logon to domain via VPN, execute domain login script with Global VPN Client (GVC)
03/26/2020 1167 18305
Execute logon script when connected - allows the Global VPN Client to perform domain authentication after logging into the SonicWall VPN Gateway and establishing a secure tunnel.
In order to do this:
the Execute logon script when connected option in the connection properties must be checked,
NetBIOS must be enabled in the GroupVPN Advanced settings.
The computer must have logged onto the domain at least once, so the domain login credentials would be cached.
The next time the GVC establishes a connection, it checks system variables (USERDOMAIN in cmd> SET) to find the domain and then sends a NetBIOS broadcast for the domain name (“who’s the domain controller for xxxxx domain?”).
The domain controller responds with its information (“I am. My IP is x.x.x.x.”), and the client sends its cached login credentials. The domain controller authenticates the client and tells it which login script (in the Netlogon share) to run.
GVC uses SMB to connect to the share and download the login script. If any changes have been made to the login scripts, the client should pick it up the next time it connects.