I briefly tested using the File Bookmark which ended up not being a good solution for my issue. I need to be able to map network drives either based on a script or something along those lines, I also need the option to use a varible to get the end user to their home directory. I've looked at quite a few docs but nothing seems to make it simple to the end user. I also have multiple domains involved and the users will use their Active Directory credentials to authenticate which seems to cause an issue as if they try to use start run and do a \\server\share\homedir it prompts for their domain credentials and tells them they already used those and to provide a different set of credentials to authenticate for their network share access. I know there is a startup and shutdown script field within the SAM options but I couldn't get a varible that would correctly pull their userid, it would always look at the local PC and some users the PC is not controlled by us which forces them to logon with something other then their domain id so the varible picks up that PC id instead of that they use for the SSL piece. I've looked at some of the docs but have yet to find something that is straight forward and won't cause headache to the user as most get confused easily.
I tried that briefly and used the varibles within a File Bookmark but need to find a method to trigger a drive mapping that will appear in My Computer or at least trigger it to open in Windows Explorer, as the File Bookmark ends up opening the file in a Temp Dir and I just want it so the file users open is actually from the network and when they save it saves to the network instead of them having to do Save As to the desktop and then have to remember to upload the file again. Also since we use their domain credentials to authenticate to the SSL VPN when some users try doing \\server\share it prompts for credentials and if they use the same credentials they authenticate to SSL with it requests they use different ones which they only have a single set.
that is the same problem I have been having since day one where users are not able to edit documents, then save the changes back to the network instead of a temp file, the work around is to open the file make the changes and save as... to the desktop then remember to upload and overwrite original.
I do know that some users when opening the file from their mapped drives are able to save back to the original file as well as it locks it and puts the file in a read only state but users still had to map their own locations since I wasn't about to create a rule for each network share that each user has, all I did was allow the root.
In order to use drive mapping through WSAM, your users do need to map the drive and choose the option to connect as a different user and then providing the exact same credentials they generally use for connecting (it is how it is designed to make sure the information is sent; please see the admin guide).
You are correct that it is not possible to use IVE variables through the WSAM start/end scripts. If you were to create a .bat file that requested it and then sent the data through using net use, that might work.
I'm fine with doing a start and end script through WSAM, but is there a varible that can correctly capture what user id they are logged on via the SSL, as the varibles I was trying seemed to end up capturing the local ID. Also will that prompt them for access to the network shares or is there a way to pass the credentials used to authenticate to SSL along for access to the network shares.
There is no way to get the IVE variables to a start/stop script for WSAM or Network Connect. Any script that needs credentials is required to prompt the user for the correct credentials; otherwise the local credentials will be used (as you have observed).
Ok I'm open to it prompting for username/password is there a way to capture the ID of the SSL logon used so I could get \\server\share\<sslid>. Also another issue I keep running into with network shares since we use the users AD credentials when they have done \\server\share via the start/run command it states the credentials have already been used and to provide different credentials after it prompts on connecting to the network share.
There is no way to capture the SSL ID.
Connecting to a share over WSAM via start>run is not supported as it is not possible to get the credentials (as needed). From the release notes:
Users must launch drive maps through W_SAM in one of the following ways:
NetUse__At the Command prompt, type: net use * \\server\share /user:username
Right_click My Computer > Map Network Drive, or in Windows
As you have observed, it is possible to run the command; but the credentials can cause problems unless you map using the above information. The credentials provided in the above instances are the same credential as the IVE login (the AD share permission).