SSL VPN Map Shared Drive

Unanswered Question
Jan 6th, 2010

Hi,

I have a working SSL WEB VPN solution running on an ASA 5520. The setup has been successfully tied into AD for authentication and allocation to Group Policy on the ASA.

The problem i am having is settings up 'Home' drives for users. i want for users to logon with their AD accounts and for the ASA to be able to pickup through AD the users 'Home' drive location and display it, ideally as a bookmark, for them to use.

Has anyone been able to implment this or can somone point me in th edirection of documentation that guides through the setup, i've looked but no been able to find anything usefull.

Thanks in advance.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Paul Carco Sun, 01/10/2010 - 09:48

Have you seen this?

"

File Share (CIFS) URL substitution

You can allow a more flexible bookmark configuration by using variable substitution for CIFS URLs.

If you configure the URL cifs://server/CSCO_WEBVPN_USERNAME , the security appliance automatically maps it to the user's file share home directory. This method also allows for password and internal password substitution. The following are example URL substitutions:

cifs://CSCO_WEBVPN_USERNAME:[email protected]

cifs://CSCO_WEBVPN_USERNAME:[email protected]

cifs://domain;CSCO_WEBVPN_USERNAME:[email protected]

cifs://domain;CSCO_WEBVPN_USERNAME:[email protected]

cifs://domain;CSCO_WEBVPN_USERNAME:[email protected]/CSCO_WEBVPN_USERNAME

cifs://domain;CSCO_WEBVPN_USERNAME:[email protected]/CSCO_WEBVPN_USERNAME"

http://www.cisco.com/en/US/partner/docs/security/asa/asa80/asdm60/ssl_vpn_deployment_guide/deploy.html#wp1169923

Arif . Mon, 01/11/2010 - 03:03

Hi Paul,


Thanks for your response, yes i have already seen these options in my initial configuration.

the problem i have is that not all shares are mapped to the same server. i need the asa to be able to diffrentiate between users and point to their specific server for that particular users share drives.

i know there is an AD attribute within the account called 'logonscript' that points to a script that maps the users drives. hoever the asa wont read this.

Actions

This Discussion