What I've done elsewhere is have the (in my case, KiXtart) script be in their "StartUp" folder, so that doesn't run until they're logged in. This same script would check itself against the \Netlogon share and make sure it was it's most current self. The only semi-trick is getting the first script on there in the first place, but there are numerous ways to do that too. Note I did this only for VPN clients, all other machines just ran it normally.
One thing you can implement with the "StartUp" folder trick is the script can do some checking for the user and optionally notify the user "you are not connected to mapped drive S:". I created a standalone KiXtart EXE that when clicked would then perform troubleshooting - first ping 127.0.0.1, then an expected GW, then DNS, then a specific server, giving "Success!" or "Failure!" messages that the user could directly report to the Help Desk, but I digress... David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 From: Benjamin Zachary - Lists [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 17, 2008 9:07 PM To: NT System Admin Issues Subject: RE: Running script via pptp Yes we are just using Windows PPTP client. I knew cisco had something in there which is why it was running a script, I thought about creating a quick little script to call the vpn and then run the logon script. Maybe that will work. From: Joseph L. Casale [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 17, 2008 9:54 PM To: NT System Admin Issues Subject: RE: Running script via pptp Actually, Looks like Network Access Quarantine Control in Windows Server 2003 will do what you need if your using MS client. From: Benjamin Zachary - Lists [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 17, 2008 7:36 PM To: NT System Admin Issues Subject: Running script via pptp Just wondering if there was an easy way to have a login script run after the user is logged into windows and then connects to the vpn. My idea of putting a shortcut on the desktop they can click on met with resistance from sales people who hate to do anything different. They used to have a Cisco ASA and swear that it did some logon script, although I didn't see it in the client side and the device is dead so I couldn't go look on the cisco side (if theres an option). Thx ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
