Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1013
Views
0
Helpful
2
Replies

SSL Gateway / ACS deploying / running *bat files

Go to solution
Martin Bosch
Level 1
Level 1

‎06-29-2011 01:05 AM

My current setup works with user authenticating via ACS.

Proxy settings get downloaded to the client based on what group he belongs to on ACS.

I would like to see if I can't run the good old *.bat file while a user logs on. The main idea behind this is where some users log on to the domain,

they get drives mapped via AD. I would like to map the drives using the same script file using the anyconnect client.

I would like to have ACS control this - Any idea's, or if this can be done even?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Herbert Baerten
Cisco Employee
Cisco Employee

‎07-03-2011 01:21 AM

Hi Martin,

as far as I know, this cannot be done at the moment, at least not the way you had in mind.

What you can do is either:

- configure the ASA to push an OnConnect and OnDisconnect script (.bat file) to the client, but this will be the same script for all users, so regarding personalization you're limited to using whatever variables you have available.

E.g. you could do something like "net use \\server\%username%" to map the user's personal share.

OR

- place the script on the user's local file system yourself, and it will get executed each time AC (dis)connects.

Obviously this way you can personalize the script for each user, but this needs to be done manually.

see :

http://www.cisco.com/en/US/docs/security/vpn_client/anyconnect/anyconnect24/administration/guide/ac03features.html#wp1068902

hth

Herbert

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Herbert Baerten
Cisco Employee
Cisco Employee

‎07-03-2011 01:21 AM

Hi Martin,

as far as I know, this cannot be done at the moment, at least not the way you had in mind.

What you can do is either:

- configure the ASA to push an OnConnect and OnDisconnect script (.bat file) to the client, but this will be the same script for all users, so regarding personalization you're limited to using whatever variables you have available.

E.g. you could do something like "net use \\server\%username%" to map the user's personal share.

OR

- place the script on the user's local file system yourself, and it will get executed each time AC (dis)connects.

Obviously this way you can personalize the script for each user, but this needs to be done manually.

see :

http://www.cisco.com/en/US/docs/security/vpn_client/anyconnect/anyconnect24/administration/guide/ac03features.html#wp1068902

hth

Herbert

0 Helpful

Go to solution
Martin Bosch
Level 1
Level 1
In response to Herbert Baerten

‎07-04-2011 10:46 PM

Hi Herbert,

I saw the ASA to push an OnConnect and OnDisconnect options. But sadly due to the multi profiles this is not an option for me. However, I am going to mark this as correct, for someone else that might need this for single profiles

Would have been nice if I could have done this via ACS somehow. Thanks for the confirmation.

Regards,

Martin

0 Helpful
Customers Also Viewed These Support Documents