Handling domain joined laptops that are rarely on the local LAN?

wifi active-directory vpn

Solution 1:

Depending on the work they have to do inside the Domain, consider working with a Terminal Server, (or just a Host Inside your company Network).

They could even work with their private Hardware (if they want to) and you are in full control of the Terminal Server. Just give them access via VPN, or directly via RDP (if you have trust in Microsoft protocols :)

OpenVPN would also have a service feature where you could connect to a VPN an system startup. You could pare this with Certificate Authentication (unexportable from the certificate store) and a revocation list for NOT allowing users to connect anymore.

openvpn config needs to edited something like this:

ca "YOUR_CA.pem"
cryptoapicert "SUBJ:OpenVPN-Client"

the certificate (with a matching subject name) needs to be imported, inside the users certificate store (the user who starts up the openvpn service)

Solution 2:

One common way of handling this is to start the VPN connection before user logon. For instance, the Cisco AnyConnect VPN client has this feature:

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00809f0d75.shtml

Related

Dynamic Spotify Playlist of my Top Tracks on Last.fm?
How do I change the wallpaper slideshow album programmatically?
How do I change WiFi adapter MAC address for Win7/8/10? Network adapter 'Advanced' tab is missing 'Network Address' field
Is it possible to remove folders from Windows explorer navigation pane?
Flatten PDF annotations
Randomly getting 'Request timed out' when pinging wireless router
When renaming a file in Windows, CTRL + Backspace does not delete whole words [duplicate]
Windows 10 - adding Wifi Credentials for all users
Prevent Outlook from adding line breaks
What's the difference between a superscalar and a vector processor?
What is the difference between Preference and Secure Preference file in Google Chrome?
Is there a way to configure where a new program window can appear?