question

DesperateDan-2682 avatar image
0 Votes"
DesperateDan-2682 asked Vzzzbucks-2006 commented

Cisco VPN and Folder Redirection

Hello and hope everybody is keeping well in these difficult times.

Please could someone help with the following query.

Query Summary

How can we get folder redirection for desktop, documents, IE favourites etc to work when there are a large population of users using a Cisco VPN client.

Query background.

The reason for the question is that we will be migrating all our users to OneDrive and redirecting their folders from a network drive to OneDrive so their desktop folders, my documents, IE favourites will reside in OneDrive. The users network drive will then be removed.

The process to use the Cisco VPN client is such that users connect to the VPN after they have first logged into their laptops remotely. Subsequently they do not get Group Policy applied to them at the point of first logon.

Unless I am mistaken I do not think a GPUpdate /force works for folder redirection as the user has the folder redirection objects locked out by the fact that they are currently logged on.

If users were LAN connected (e.g. in an office we would not be having this issue)

We are in the early stages of researching this scenario and will be putting some test plans in place to overcome this which we will happily feed back here.

At present our only thoughts are to run a script locally on the users laptops to manually perform the folder redirection and then do a reboot but this is yet to be tested.

Any thoughts or insight to a solution would be greatly appreciated.

Maybe someone has had this issue before and has found a solution.

Many many thanks in advance for any input received.

Yours's gratefully.

Dan







windows-server-powershellwindows-group-policy
· 1
5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

DavidMatthews-4402 avatar image DavidMatthews-4402 ·

Hey Dan - I am facing a similar issue. Currently have staff with redirected folders & offline files. now looking to move those folders to OneDrive with 'Known Folder Move'. The issue is that to implement KFM you first need to remove all existing Redirected Folders settings. This would be fine if all staff were located in an office connected to the LAN... but due to Covid they are now working from home over VPN.
My situation sounds the same as yours, our VPN doesn't connect until after logon with cached credentials - which means that Folder Redirection GPO's never apply. So there is no way for me to remove the exiting FR policies and them implement OD KFM.

Did you ever find a workable solution to this problem (other than connecting VPN prior to logon) ?

Regards.
Dave M.

0 Votes 0 ·

3 Answers

FanFan-MSFT avatar image
0 Votes"
FanFan-MSFT answered FanFan-MSFT commented

Hi,

In your situation, ,what's the result if you sign out and sign in again?

Firstly, In situations where you need for users to implement folder redirection in a single logon, apply a GPO with the setting “Always wait for the network at computer startup and logon ”to the computer. This setting is located under Computer Configuration\Administrative Templates\System\Logon in the Group Policy Object Editor. Update the group policy and then confirm the result again.
Also,based on my research, we need to connect VPN before login with our domain account.
Then configure VPN to be connected before login with our domain account.
Since don't have the Cisco VPN environment ,i'm afraid can't give more advice for the configuration.

Similar case for your reference:
https://social.technet.microsoft.com/Forums/en-US/b83b93a6-5663-4f56-95dd-057374cc37c8/apply-gpo-through-vpn?forum=winserverGP

Best Regards,

· 1
5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

FanFan-MSFT avatar image FanFan-MSFT ·

Hi,
Welcome to share your current situation.
Please feel free to let us know if you need further assistance.
 
Best Regards,
Fan

0 Votes 0 ·
Soccan avatar image
0 Votes"
Soccan answered

Can users make changes to the Cisco VPN config? Though my information is very outdated, this is Windows XP-era, one of the things I loved with the back then Cisco VPN client was that it was able to start before Windows logon.

5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Vzzzbucks-2006 avatar image
0 Votes"
Vzzzbucks-2006 answered Vzzzbucks-2006 commented

I'm currently in the same situation but we're simply moving users' redirected folders from one file server to another, not to OneDrive.

One option we are considering is to get users to remote onto RDS servers to initiate the process, as we're soon to roll out RDS across the company. Failing that, you could get the users to remote onto a workstation in the office which is connected directly to the LAN. Though not ideal, this should process the GPO at logon and move the files over.

· 1
5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Vzzzbucks-2006 avatar image Vzzzbucks-2006 ·

Further to this, after testing I found that the files did migrate by logging into the RDS, however, the user's local machine remains pointing at the old share location where the files no longer exist, so they basically lose access to their files until they next login on the LAN, unless you can train them as a workaround to browse to the new location in the meantime.

0 Votes 0 ·