2009-09-04

How can a VPN user get the group policy remotely

Problem:
When connecting office network from home via VPN, the user is not getting group policy applied on his home machine even it's a member of office domain.

Scenarios:

Remote VPN (PPTP, L2TP)
If the tunnel is not available at the time of logon the GP will not be applied. i.e. if it is a VPN connection that you are establishing after the remote user logs on to the PC then it is not possible to apply group policies, unless cached from a previous connection, on the LAN.

In order for the client to get the Group Policy, Winlogon has to get invoked for the logon request and this only happens with the "Logon with Dial-Up Networking". You must use windows VPN client in this case.

Site to site VPN:
If it is a site to site VPN connection there should be no problem, though certain policy settings need to be applied from group policy to enable slow link over VPN.

http://technet.microsoft.com/en-us/library/cc759191(WS.10).aspx

No comments: