Daniel is right, the collections would not be able to keep pace with users roaming.
Depending on how your network is set up you could put a check for the IP address at the start of your task sequence. If the client falls in the range of your VPN connected addresses you could exit out of the sequence. We do something similar in our build task sequence. In our situation we have a number of remote sites with slow WAN connections. We have a script that takes the client’s IP address and looks it up in a table to identify if it is in one of these “slow” sites and if so which one. We then take actions based upon that. In our case leveraging NomadBranch in those sites. Mike From: <Gannon>, Todd <[email protected]<mailto:[email protected]>> Reply-To: "[email protected]<mailto:[email protected]>" <[email protected]<mailto:[email protected]>> Date: Wednesday, April 1, 2015 at 9:09 PM To: "[email protected]<mailto:[email protected]>" <[email protected]<mailto:[email protected]>> Subject: [mssms] RE: Exclude VPN computers from Task Sequence application deployment. Thanks for that. So are you saying putting conditions on the first step of the ts? From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Daniel Ratliff Sent: Thursday, 2 April 2015 8:21 AM To: [email protected]<mailto:[email protected]> Subject: [mssms] RE: Exclude VPN computers from Task Sequence application deployment. If your environment is anything like ours, the collections wont keep up with the roaming clients. I would control this entirely at the local level, put some checks in your task sequence and slowly hit all the machines as they come on and off the network. Daniel Ratliff From:[email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Gannon, Todd Sent: Wednesday, April 1, 2015 7:57 PM To: [email protected]<mailto:[email protected]> Subject: [mssms] Exclude VPN computers from Task Sequence application deployment. Hello – In a few week’s time I will be deploying a new application to all computers in our organisation via a task sequence, and I would like to exclude vpn connected computers from receiving the deployment until they are in the office and connected via lan/wlan due to the fact that there is likely to be a reboot in the ts, amongst other things. Without modifying current boundary set up, has anyone configured this successfully before? I was thinking that I could create a collection based on the vpn ip subnets and exclude this collection from the deployment collection but am open for advise if anyone has a better idea? Thanks Todd :) The information transmitted is intended only for the person or entity to which it is addressed and may contain CONFIDENTIAL material. If you receive this material/information in error, please contact the sender and delete or destroy the material/information. ********************************************************** Electronic Mail is not secure, may not be read every day, and should not be used for urgent or sensitive issues
