General discussion


Group Policy and dialup

By elkrueger ·
Recently our company had upgraded to Active Directory. With this we would like to assign different group policies to different OUs in AD, but we are running into a small problem.

Right now everything seems to be working on LAN attached machines. The problem comes when we log in with a dialed up laptop. It is not taking changes.

We log in to the Windows 2000 Pro laptop with cached domain account information. Then we dial in with the machine, and the policy is not pulling. Does anyone know how to get the policy to pull over dial up?

One other thing, I did find the command line call to update a policy and again it works on a network connected machine, but not a dial up machine. Any help would be greatly appreciated.

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -

Group Policy and dialup

by Joseph Moore In reply to Group Policy and dialup

You will have to configure the Win2KPro machines to connect using Dial-Up Networking. I did this recently, and it was easy (using RRAS to connect to my domain, and wanted the domain policies to be pushed to the callers).
Log into the Win2KPro machine(s).
Create a dial-up connection to your office like normal.
Log out of the Win2KPro machine(s).
Press CTRL+ALT+DEL to bring up the logon screen.
Have the user enter their normal domain user name and password in the boxes.
Click the Options button to exposes the domain drop-down. Make sure your domain is listed.
Click the checkbox next to Use Dial-Up Networking.
Click OK.
At that point, a new drop-down window comes up, where you can select the appropriate Dial-Up Connection. It will only display the Connections you have already built on the machine; that is why I had you make the Connection first.
Select the one you made to connect to your office.
The user name and password will AUTOMATICALLY be pulled from the normal Windows login/password box and put into the Dial-Up Networking box.
Have the user click Connect.
The Win2KPro machine will dial up to your RRAS server, and attempt to autheticate based off the user name and password. If that is right (and if the user has dial-in rights), then their dial-up connection will be established.
At that point, the user is connected to your network, and the normal domain controller authentication will happen, just like if the user were plugged into the switch.
Authenticationwill happen, then the GPO will be pushed down the phone line onto the remote system.

Basically, the user connects to the office via phone line, instead of through a NIC and CAT5 cable. But as far as Windows is concerned, it is the same. GPO is applied, logon scripts run, drives map, and all is well.

hope this helps

Collapse -

Group Policy and dialup

by elkrueger In reply to Group Policy and dialup

This is a good answer but it doesn't help me. What was said, works, however my users don't dial directly to the office. Since we have a marketing force that is over the entire country, they first dial an ISP and then when connected there they connect to the office through an VPN. So, while what you said works, it won't solve my problem.

Any other ideas on how to get the policy pulled through a VPN tunnel?

Related Discussions

Related Forums