Automatically pass Firepass login creds when mapping drives

under Master Group settings, there is a chcek box to Auto-logon using FirePass user logon credentials for Drive mappings. Of course their FP creds need to match domain (drive map) settings.

or conversely, is there a way to automatically log the user in to the domain using their Firepass login credentials, which would eliminate the password prompt during the driev mapping operation?

 

 

 

are you using AD fro auth?

Yes I am using AD for authentication. I would love to automatically log the user into the domain when connecting to the Firepass. However I have not been able to get it to work. I am using client certificates in addition to AD creds. I was using a prelogin sequence however I have turned that off in favor of resource protection and a few specific process / registry checks.

If you are using AD authentication then you can configure the FirePass as follows:

 

 

1. Select from Menu, Network Access > Master Group Settings.

 

 

2. Select the Master Group you want to apply the settings to from the Master Group: drop down box.

 

 

3. Select the check box for Auto-logon using FirePass user logon credentials.

 

 

4. Enter the pre-Windows 2000 domain name in the Domain/Workgroup (optional): dialog box.

 

 

This should automatically authenticate your users against the domain when mapping drives through a Network Access connection. If it still doesn't work you should also check the following setting:

 

 

1. Select from menu, Network Access > Resources.

 

 

2. Select the Resource Group you want to configure from the drop down list.

 

 

3. On the Client Settings tab ensure that the Enable Client for Microsoft Networks is checked.

 

 

Cheers,

 

Chris.

tihall - Have you tried to setup a login script for the drive mappings? Not sure how many users\groups are able to have remote access, but this would be cool.

 

 

network access -> launch applications

 

Do you mean an AD login script or a script that executes on the client when they connect via the vpn? We do map the drives via login script when the user logs into the domain, but I can't find a way to actually have the clients login to the domain when they set up a vpn tunnel via the firepass. I understand there is a windows login integration function which would be great but we are using certificates and I think that throws a wrench into that process. Any suggestions would certainly be welcomed!

Do you mean an AD login script or a script that executes on the client when they connect via the vpn?

 

 

 

AD login script.

I have recently discovered from F5 support that the Auto-logon using FirePass credentials only applies to the 'Drive Mappings' feature of Network Access.

 

 

If you are trying to run a logon script from a Netlogon share, the user will be authenticated to the share using the credentials that they are logged on to the client with. This can lead to access denied errors if the account is not a cached domain account.

 

 

So if you allow your users to establish a Network Access VPN from non corporate devices and you want to ensure that they map their network drives the only option is to use the 'Drive Mappings' feature.

Thanks that's good to know. Since the drive mapping feature doesn't seem to work consistenty (it surely doesn't work consistently for me), I am launching net.exe after the tunnel is created and mapping the drives that way.