Forum Discussion
marcoorg
Jul 02, 2021Copper Contributor
Autopilot deployment - first login to on-premises AD with always on VPN
Hey everyone, maybe someone could help. We have hybrid AD (on-premises + azure). I'm trying to configure always on VPN to work without user interaction during autopilot deployment. When user deploys ...
Jul 02, 2021
Hi
I couldnt find information in your question (to be 100% sure) if this option is enabled: skip the AD connectivity check is enabled in the autopilot deployment profile
I couldnt find information in your question (to be 100% sure) if this option is enabled: skip the AD connectivity check is enabled in the autopilot deployment profile
marcoorg
Jul 02, 2021Copper Contributor
Rudy_Ooms_MVP thank you for your response. In Windows Autopilot deployment profile the setting Skip AD connectivity check (preview) is set to Yes.
- Nathan BlasacJul 03, 2021Iron ContributorAre you perhaps able to re-configure that pre-login VPN so that the user can initiate the tunnel and authenticate via User Name/Password whilst leveraging MFA? Then the user should be able to reach the DC, complete login, and continue the autopilot process.
- marcoorgJul 08, 2021Copper ContributorDevice tunnel is not displayed in the network icon. First login using domain account failed. I've tried to login to local admin account and checked that at this step there are no NDES cert and VPN profile configured yet. I've tried to push user VPN config but it's not deployed before first logon.
Now we have a workarround: third party VPN that is deployed correctly during Autopilot proces and allows to login to VPN and domain account together but finally we would like to switch this to MS Always On VPN.- Nathan BlasacJul 09, 2021Iron ContributorThanks for the update. Which Third Party VPN did you go with? I'm aware of many using Cisco AnyConnect.