Page 2 of 2
Re: VPN GPO and Wapt enterprise
Published: November 12, 2020 - 11:34 AM
by sfonteneau
mouka wrote: ↑Nov 12, 2020 - 11:20 AM
The PCs in question underwent a manual installation and uninstallation of Waptagent. That might be the problem... a messy uninstallation in the Windows registry?
No, that's not a problem at all
If you manually launch waptdeploy on a mobile device, does it work? Does Wapt install?
Re: VPN GPO and Wapt enterprise
Published: November 24, 2020 - 11:43 AM
by mouka
Yes.
I found a solution. Since we use OpenVPN, the startup/shutdown GPOs don't work. The VPN client is started by the user (it's not automatic when the PC boots). For your information: Microsoft's solution for startup/shutdown GPOs to work over VPN is to use DirectAccess, but we don't want to use that. My solution is: I created an "immediate scheduled" task + GPO.
An immediate scheduled task is essentially a live GPO update for clients connected via VPN (or on the lab network), so the task runs immediately when the GPO is updated. To control everything, i.e., who is on VPN and who isn't, I have my PowerShell scripts.
There you go, if this can be useful to your clients.
Thank you and have a good day,
Mr.
These commands can be useful:
`gpresult /r /scope computer`
`gpresult /r /scope user` `
gpupdate.exe /target:user /force`
Or, from a domain controller:
`Invoke-GPUpdate -Computer ClientPCName -RandomDelayInMinutes 0`