12-07-2020 01:32 PM
with the attached photo, when we click the button for SBL, this is the popup we get. I tried checking with the network team and they were unsure on how to get the address to populate in this field. I am assuming there is an edit we can make to the .xml profile to allow a link to be in that field. oh, did i mention, this would be for the first time login after we wiped a device with with Microsoft Endpoint Manager for use with AutoPilot?
After it logs in the first time, the link populates. that isn't an issue. it's at first launch after a device wipe for autopilot. I could have the endusers type in the address, but i dont want to make it too difficult for the enduser. ya'll know how well they follow directions.
Thank you!
Michael From Michigan.
Solved! Go to Solution.
12-10-2020 01:27 PM
you know how sometimes you can read something 100 times and not think anything of it, then all of a sudden you realize how dumb you were. the issue was a mixture of my and a coworkers fault. i was using a script that he had initially used. we finally sat down today and took a good look at the issue. well, this is what the script had looked like
Copy-Item .\Client_Profile.xml -Destination "C:\ProgramData\Cisco\Cisco AnyConnect Secure Mobility Client\Profile" -Force Start-Process msiexec.exe -Wait -ArgumentList '/I anyconnect-win-4.7.04056-core-vpn-predeploy-k9.msi /qn ALLUSERS=2 Start-Process msiexec.exe -Wait -ArgumentList '/I anyconnect-win-4.7.04056-gina-predeploy-k9.msi /norestart ALLUSERS=2 /qn'
Guess what? powershell can't copy the **bleep** .xml file before the folder is created! The folder isn't created until after those two .msi's are installd. grrrrrr. we just moved the copy-item below the install. everything works now.
12-07-2020 11:05 PM
12-08-2020 06:22 AM
yes. i understand that. this works fine after the user logs in for the first time. but we are working on autopilot. we want to be able to send a computer from dell directly to the enduser without our techs having to configure it. upon initial install before any user logs into the computer, the profile we have created isn't adding a link.
below is the .xml file they created for me a couple weeks ago.
<?xml version="1.0" encoding="UTF-8"?> -<AnyConnectProfile xsi:schemaLocation="http://schemas.xmlsoap.org/encoding/ AnyConnectProfile.xsd" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://schemas.xmlsoap.org/encoding/"> -<ClientInitialization> <UseStartBeforeLogon UserControllable="true">true</UseStartBeforeLogon> <AutomaticCertSelection UserControllable="true">false</AutomaticCertSelection> <ShowPreConnectMessage>false</ShowPreConnectMessage> <CertificateStore>All</CertificateStore> <CertificateStoreMac>All</CertificateStoreMac> <CertificateStoreOverride>false</CertificateStoreOverride> <ProxySettings>Native</ProxySettings> <AllowLocalProxyConnections>true</AllowLocalProxyConnections> <AuthenticationTimeout>60</AuthenticationTimeout> <AutoConnectOnStart UserControllable="true">false</AutoConnectOnStart> <MinimizeOnConnect UserControllable="true">true</MinimizeOnConnect> <LocalLanAccess UserControllable="true">false</LocalLanAccess> <DisableCaptivePortalDetection UserControllable="true">false</DisableCaptivePortalDetection> <ClearSmartcardPin UserControllable="true">true</ClearSmartcardPin> <IPProtocolSupport>IPv4,IPv6</IPProtocolSupport> -<AutoReconnect UserControllable="false"> true <AutoReconnectBehavior UserControllable="false">ReconnectAfterResume</AutoReconnectBehavior> </AutoReconnect> <SuspendOnConnectedStandby>false</SuspendOnConnectedStandby> <AutoUpdate UserControllable="false">true</AutoUpdate> <RSASecurIDIntegration UserControllable="false">Automatic</RSASecurIDIntegration> <WindowsLogonEnforcement>SingleLocalLogon</WindowsLogonEnforcement> <LinuxLogonEnforcement>SingleLocalLogon</LinuxLogonEnforcement> <WindowsVPNEstablishment>LocalUsersOnly</WindowsVPNEstablishment> <LinuxVPNEstablishment>LocalUsersOnly</LinuxVPNEstablishment> <AutomaticVPNPolicy>false</AutomaticVPNPolicy> -<PPPExclusion UserControllable="false"> Disable <PPPExclusionServerIP UserControllable="false"/> </PPPExclusion> <EnableScripting UserControllable="false">false</EnableScripting> -<EnableAutomaticServerSelection UserControllable="false"> false <AutoServerSelectionImprovement>20</AutoServerSelectionImprovement> <AutoServerSelectionSuspendTime>4</AutoServerSelectionSuspendTime> </EnableAutomaticServerSelection> <RetainVpnOnLogoff>false </RetainVpnOnLogoff> <CaptivePortalRemediationBrowserFailover>false</CaptivePortalRemediationBrowserFailover> <AllowManualHostInput>true</AllowManualHostInput> </ClientInitialization> -<ServerList> -<HostEntry> <HostName>Start Before Login:Secured</HostName> <HostAddress>redacted</HostAddress> <UserGroup>SBL</UserGroup> </HostEntry> </ServerList> </AnyConnectProfile>
am i missing something in the profile, an option that we missed?
12-10-2020 01:27 PM
you know how sometimes you can read something 100 times and not think anything of it, then all of a sudden you realize how dumb you were. the issue was a mixture of my and a coworkers fault. i was using a script that he had initially used. we finally sat down today and took a good look at the issue. well, this is what the script had looked like
Copy-Item .\Client_Profile.xml -Destination "C:\ProgramData\Cisco\Cisco AnyConnect Secure Mobility Client\Profile" -Force Start-Process msiexec.exe -Wait -ArgumentList '/I anyconnect-win-4.7.04056-core-vpn-predeploy-k9.msi /qn ALLUSERS=2 Start-Process msiexec.exe -Wait -ArgumentList '/I anyconnect-win-4.7.04056-gina-predeploy-k9.msi /norestart ALLUSERS=2 /qn'
Guess what? powershell can't copy the **bleep** .xml file before the folder is created! The folder isn't created until after those two .msi's are installd. grrrrrr. we just moved the copy-item below the install. everything works now.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide