cancel
Showing results for 
Search instead for 
Did you mean: 

Host checker for disabled computers

SOLVED
NatashaW_
Contributor

Host checker for disabled computers

Hi Guys,

 

We have a requirement to make host checker see if a computer object has been disabled on AD, and therefore should not be allowed to sign in to VPN. Can you please provide some suggestions on how I can get this working? If host checker cannot do this, is there perhaps another way?

 

Thanks

 

Natasha

1 ACCEPTED SOLUTION

Accepted Solutions
jayLaiz_
Super Contributor

Re: Host checker for disabled computers

Yes Natasha,

 

We can accomplish this by configuring host checker policies for Predefined Rule : OS Checks and select what OS and minimum service packs can be allowed.

 

Regards,

Jay

View solution in original post

3 REPLIES 3
jayLaiz_
Super Contributor

Re: Host checker for disabled computers

Hi Natasha,

 

Host checker cannot do this as the HC is run on the end point and not on the AD server.

 

Junos Pulse cient has machine logon options, please refer admin guide in 7.2 and above.

 

When you boot up the machine, machine logon will happen and establish the VPN tunnel via Pulse client so if the computer object is disabled, the machine logon via Pulse will fail

 

The restriction is that with SA/ MAG box, the machine logon will, not work for windows 2008 r2 servers and above though there are plans to support the same in future releases.

 

Regards,

Jay

NatashaW_
Contributor

Re: Host checker for disabled computers

Hi Jay,

 

Thank you for the response...ok, coming at it another way, could we restrict based on OS version? So can HC see that the computer connecting has Windows XP SP3 (for example), then it won't let it in?

 

Thanks

 

Natasha

jayLaiz_
Super Contributor

Re: Host checker for disabled computers

Yes Natasha,

 

We can accomplish this by configuring host checker policies for Predefined Rule : OS Checks and select what OS and minimum service packs can be allowed.

 

Regards,

Jay

View solution in original post