Follow

How to Configure ProfileUnity for Laptops which have no network access until VPN/Wifi is connected

Product: ProfileUnity-FlexApp

Product Version:  6.8.x

Expiration: 365 days from publishing

Updated: Nov 28, 2018

 

Problem:

ProfileUnity client will not detect the INI because the logon happens before network is available.

Description:

The ProfieUnity must be able to process ini offline and wait for the actual ini to be copied and executed with a trigger once the IP is changes/Network becomes available. 

Resolution:

Step 1) Copy all ProfileUnity Client tools to a new location.

The new location will be used for client tools which will be installed on all Laptop computers, this is separate from VDI or persistent desktops on the network. Select entire contents of:

\\domain\Netlogon\ProfileUnity and copy to \\domain\Netlogon\ProfileUnity\Laptops

Another option would be to deploy fresh copy of ProfileUnity Client tools using console: 

Go to "Administration" Page in ProfileUnity console and ProfileUnity tools section

Change "Deployment Path" to \\domain\Netlogon\ProfileUnity\Laptops than click "Update"

Click "Deploy Client Tools" and client tools will be deployed to new location.

Example:

Step 2) Creating ProfileUnity GPO for Laptops - (Use separate AD OU for laptop computer accounts)

(Clone current GPO and make following changes)

  • User Configuration (Policies): 
    • Windows Settings>Scripts>Logoff:
    • Script Name: C:\Program Files\Profileunity\Client.Net\LwL.ProfileUnity.Client.Logoff.exe
    • Administrative Templates>Classic Administrative Templates>Liquidware Labs>ProfileUnity:
      • Enabled=Enabled
      • INI File Path=C:\ProU_cache
  • Computer Configuration:
    • Administrative Templates>Classic Administrative Templates>Liquidware Labs>ProfileUnity>32 Bit or 64 Bit
      • System INI File Path=C:\Program Files\ProfileUnity\Client.net\Trigger

Step 3) Create ProfileUnity Service Account

In AD Users and Computers create a domain user account which user name is: _ProUAsAService_

(This user name has to be exact as listed above) 

Step 4) Configure ProfileUnity Client Tools to run as a service

In ProfileUnity Console go to "Administration" Page

Go to "ProfileUnity Tools" Section and complete section "Run Client Tools As Service"

Select "Deploy Service Configuration" this will deploy "LwL.ProfileUnity.Client.Service.exe.creds" file to the \\domain\netlogon\profileunity\Laptops directory.

After step 3 is completed client tools can be deployed to the laptops with GPO Windows startup script pointing to \\domain\netlogon\profileunity\Laptops\lwl.profileunity.client.startup.exe

Step 5) Create boot.INI file

Note: This boot.ini will run with ProfileUnity service account created in step 2 and 3.

Login to ProfileUnity Console and create a new configuration (Manual not Guided Configuration)

Example:

The configuration name will be "boot.ini" This boot.ini will have 3 rules configured:

One Trigger Rule:

  1. Trigger on IP address change which would run Application Launcher Module

Two Application Launcher rules:

  1. Deletes old INI from c:\ProU_cache 
  2. Copies INI files from \\domain\netlogon\ProfileUnity\Laptops\Login\ to C:\ProU_cache\

Example(s):

  • Trigger Type: IP Address Change
  • Trigger Module: Application Launcher

 

Application Launcher:

  • Filespec: %systemroot%\sytem32\cmd.exe
  • Arguments in Rule 1: /c Del C:\ProU_cache\*.ini
  • Arguments in Rule 2: /c Xcopy \\domain\netlogon\ProfileUnity\Laptops\Login\*.ini C:\ProU_cache\

Save and update the configuration. Download boot.ini

Step 6) Deploy the boot.INI

Note: This step places the boot.ini in to a folder which would be extracted on to the laptop when Client Tools are installed with startup script when the Laptop is on the local network.

Open \\domain\netlogon\profileunity\Laptops\client.net.zip with 7-zip application and press F7

Create folder called "Trigger" 

Copy the boot.ini in to the folder Trigger in client.net.zip

Save the client.net.zip file to \\domain\netlogon\profileunity\Laptops\client.net.zip

Step 7) Create login.INI file

Note: This INI is processed when user logs in (to the laptop) and current status of laptop is "Off Line" and network resources are not available yet. There could be multiple "login" ini's used.

In ProfileUnity console create configuration (Manual) with settings that will take effect on next logon to the laptop.

Note: This (login.ini) configuration can't contain any parts that require network/VPN access. 

Example:

Note: Recommended change to the "login.ini" is "Deployment Path Override" in "Main" section of Configuration.

Example:

Save and Update the login.ini or any other *.ini configuration and Download "login" ini files.

Save the login.ini or any other "Login" *.ini files  to \\domain\netlogon\ProfileUnity\Laptops\Login\ folder on the network.

Note: This file (login.ini or any *.ini in the "Login" folder) will be copied to the local machine by trigger from boot.ini which was loaded with ProfileUnity service user. Than it will be executed on next user logon to the laptop.

Step 8a) Adding Triggers to login.INI - Optional

"Login.ini" (Step 7) configuration can contain multiple "Trigger" setting to run during IP Address change (VPN/Wifi connection event) when user comes "Online" 

The Trigger(s) inside "login.ini" configuration examples:

  • Trigger 1 Type: IP Address Change
  • Trigger 1 Module: Drive Mapping
  • Trigger 1 Delay in Seconds: 30
  • Trigger 1 INI Path: \\domain\netlogon\ProfileUnity\Laptops\Triggers\Drive.ini
  • Trigger 2 Type: IP Address Change
  • Trigger 2 Module: Environment Variables
  • Trigger 2 Delay in Seconds: 30
  • Trigger 2 INI Path:  \\domain\netlogon\ProfileUnity\Laptops\Triggers\Environment.ini
  • Trigger 3 Type: IP Address Change
  • Trigger 3 Module: Message Boxes
  • Trigger 3 Delay in Seconds: 30
  • Trigger 3 INI Path:  \\domain\netlogon\ProfileUnity\Laptops\Triggers\Message.ini

Examples:

Note: When new trigger is added to the Logon.ini configuration, it (Trigger) will run on after next logon event on IP Address Change. (User must logoff and log back in and reconnect to network for the second time to trigger "Trigger" InI files.) The time of 30 seconds is added not to conflict with trigger running from boot.ini which copies the *.ini (login) files to local path. 

Another Example of triggers from login.ini:

Save and Update the login.ini or any other *.ini configuration and Download "login" ini files.

Save the login.ini or any other "Login" *.ini files  to \\domain\netlogon\ProfileUnity\Laptops\Login\ folder on the network.

Note: This file (login.ini or any *.ini in the "Login" folder) will be copied to the local machine by trigger from boot.ini which was loaded with ProfileUnity service user. Than it will be executed on next user logon to the laptop.

If "Deployment Path Override" is configured in "Login" configuration use "Deploy" button:

Step 8b) Create Trigger(s) INI files (To complete step 8a) - Optional

Note: These trigger INI's will be processes immediately after user connects to the VPN or Wifi network (After logging in to the laptop)

Create a separate "Manual" configuration.

Each Trigger INI will be created to contain only one module you would like to be executed when user connects to VPN/Wifi network (comes online).

Note: Recommended change to all trigger INI configurations is "Deployment Path Override" in "Main" section of Configuration.

Note: Folder redirection (with exception Sync Only - Don't Redirect") can't be used in any trigger ini's because explorer is already loaded on the system when trigger is initialized. 

Examples:

  • Environment.ini would only contain Environment Variable rules. 
  • Drive.ini would only contain Drive Mapping rules.
  • Message.ini would only contain drive Mapping rules.

All triggers ini files can be saved in \\domain\netlogon\ProfileUnity\Laptops\Triggers

If "Deployment Path Override" is configured in triggers ini configurations use "Deploy" button:

It will push the file automatically overwriting the old file in \\domain\netlogon\ProfileUnity\Laptops\Triggers

The changes inside the ini files will take effect immediately when user is connected to local network through VPN/Wifi. (With exception if new trigger is added to login.ini, than on next "Online connection" event)

______________________________________________________________________________________________________________

Summary:

After completing all the steps in this KB and configuration setup there should be 2 minimum configurations + Trigger configurations.

Example:

Boot.ini - Runs on system boot and sets up trigger to copy Login.ini from network when IP address change is detected.

Login.ini - Runs when user logs in to the laptop (on next logon) when Off Line and sets up triggers to run when IP Address change is detected

Environment.ini, Drive.ini, Message.ini or any other Trigger INI run when IP address change is detected but 30 seconds later after trigger from boot.ini. 

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

0 Comments

Article is closed for comments.