Using Symantec 11, we applied a VPN policy to the Network Connect ip ranges. Works well, our clients switch between three end point policies depending on the network connection - Office, VPN, and Untrusted. ... View more

Using a Citrix Web Interface/JICA Profile the following are my SSO policy properties: User user <USER> Not modifiable Password password <PASSWORD> Not modifiable Domain domain accidentfund.com Not modifiable LoginType LoginType Explicit Not modifiable State state LOGIN Not modifiable ... View more

I have never found a really good way to accomplish what you are trying without doing individual HC polices and redirecting the user to the patch with a custom remediation page. I did add a comand to our NC start up scripts to force the clients to connect to the WSUS servers. run "@lanroot\wuauclt.exe /resetauthorization /detectnow" The 6.2 firmware now has a Shavlik scanner included in the HC policies and I am starting to look at it's functionality. ... View more

Two week ago I completed an upgrade of our SA4000 cluster from 5.5R5 to 6.2R2-1 with no issues. ... View more

Correct, you have to logon. The other quirk with it is it must be a cached domain account for it to work. I tried to invoke the feature with a local account and it just puked. This is a work around solution developed according to JTAC for Vista. GINA Enabled NC on XP is a good solution, but it is not perfect. I was not able to deploy it at our company becuase for some reason it must be the only "GINA" Chained app on the computer and I ran into conflicts with another application. I added gpupdate /force to the NC start up script to make sure the GPO's are updated. We also are going to start notifying users via email that their passwords are about to expire so they can manually change them via ctrl-alt-dlt. Hate to put it back on my users, but I have not found a better solution. Still looking for a good solution that does not feel like a "bandaid" for the same problem you are dealing with. ... View more