SSL VPN
Reply
New User
gflanagan
Posts: 5
Registered: ‎02-26-2008
0

Juniper SA 6000 MAC OS X, Network Connect, scripting

We current have an Active Directory in place. Our requirement is for our home users to logon to the IVE, launch network connect and then have a script that connects them to their home drive which maps as h:\ when they logon to AD using a windows box.

 

any suggestions would be appreciated,

Greg

Contributor
Brian
Posts: 35
Registered: ‎01-10-2008
0

Re: Juniper SA 6000 MAC OS X, Network Connect, scripting

Write the script the does the mapping, then go into User Roles>Role Name>Network Connect, scroll down to "Session Scripts", input the location of the script.

New User
gflanagan
Posts: 5
Registered: ‎02-26-2008
0

Re: Juniper SA 6000 MAC OS X, Network Connect, scripting

OK, Thanks, I was able to get that far. More questions

  1. What format does the script have to be in? i.e. for windows .bat is one example.
  2. Should the script be located on the domain controller?
  3. does the box next to "session scripts" support UNC paths?

I have limited experience with MAC OS so I apologise in advance for the newbie questions.

 

Greg

Contributor
Brian
Posts: 35
Registered: ‎01-10-2008
0

Re: Juniper SA 6000 MAC OS X, Network Connect, scripting

There are some general guidelines in the Admin Guide under Remote Access>Network Connect>Defining role settings: Network Connect. For Windows, it will need to be .bat, .cmd, or .exe. A .bat file can call a .vbs script. I've used a .bat file to call an .htm file to launch documentation in a new browser window on the client. The Admin Guide does mention that the client needs to be a member of the same domain. I don't have any experience on scripting for Mac, so I will defer to someone else.
Contributor
Dan_Smart
Posts: 18
Registered: ‎07-17-2008
0

Re: Juniper SA 6000 MAC OS X, Network Connect, scripting

Not sure if .bat will work on MAC, but the script address we use for AD is:

\\na.vul.com\NETLOGON\co.bat

where the beginning is the domain name in "DNS" format and the end is the login script batch file name.

Note: You CANNOT use the ldap attribute <userAttr.scriptPath> to set the loginscript name.  This is NOT supported in this field.  Another real pain!  I check this in the RoleMapping rules using a custom expression instead and have a different Role for each login script (and make something simple unnecessarily complex).

 

-=Dan=-

 

Zag
New User
Zag
Posts: 1
Registered: ‎01-22-2009
0

Re: Juniper SA 6000 MAC OS X, Network Connect, scripting

Dan,

 

How confident are you that the client needs to be on the same domain that the SSL VPN device.  Maybe I misunderstand your comment?  I cannot get my very simple Windows script to run:

 

@net use H: \\server\users\%username%

@net time \\server /set /yes

gpupdate

 

 

ZAG
Regular Visitor
tommyp
Posts: 6
Registered: ‎08-18-2008
0

Re: Juniper SA 6000 MAC OS X, Network Connect, scripting

Did you ever have any luck with this? I am having issues getting my batch files to load at NC startup.

 

Have you seen anything like this?

 

Thanks in advance......

Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.