11-05-2021
06:08 AM
- last edited on
11-05-2021
01:53 PM
by
kh_jenn
Good afternoon all,
So I've made some great progress on getting netskope to run so I can access all my network resources etc when it's up and running. However I've run into an issue when it comes to doing a remote Hybrid AD join.
The application is packaged up and working
I can access my domain controllers when not on a VPN through netskope private access.
What I can't do at the moment is domain join machines remotely, is there a way that I can for want of a better word, bodge the install or configure it in such a way so I can open network access and then authenticate against my on-prem domain controllers? I read somewhere that you can use NSBranding.JSON or something to enable the configuration but I can't find any official documentation.
Thanks
RGE_Master
11-08-2021 05:10 AM
Good morning RGE_Master,
Currently, Private Access only runs in as the logged in user and there is currently no way with the current product to have a tunnel come up prior to login. Do you have a local admin account provisioned on these devices? If so, my suggestion is to log in for the first time with the local admin account, which will allow the NPA tunnel to connect, then do a domain join. Do not reboot, but instead after joining the domain, switch user to a domain user which will then cache the credentials of the now logged in domain user.
I would also suggest reaching out to your SE so they can line up a call with the product manager so you can hear of our plans to better address this use case in the coming months.
12-03-2021 04:42 PM
Hello,
We are actively developing capability in NPA, to allow Windows PCs to connect to Domain Controllers, w/o requiring the user to authenticate into the Netskope Client. This would be similar to the Pre-login capability that exists in traditional VPN solutions. Is this something you are interested in learning more about? If so, please DM me or have your account team ping me.
Kunal Shah,
Product Manager,
Netskope Private Access
02-12-2022 07:12 AM
Hi Kunal,
Our company also would benefit greatly from the pre-login capability for Domain Controller connectivity.
Best regards,
Etienne le Comte
Solution Architect TBI
02-14-2022 01:24 PM
Hello,
Please send me a DM with your email info. I would like to setup sometime to review the solution that is under development.
Kunal
04-27-2022 06:22 AM
Hi Kunal,
I just sent the DM.
Etienne
04-26-2022 12:12 PM
We would also be very interested in this
04-27-2022 07:19 AM
@KunalShah can you help @chrisisinclair? This member is interested in learning more about the pre-login capability for Domain Controller connectivity.
04-27-2022 07:24 AM
Hi, @chrisisinclair. Welcome to the community! I'm on the community team (not an SME). Let me know if you need any help with the community. Just @mention @JulieB and I can help you to find the right staff to answer your questions. Also, feel free to send me any community feedback through a DM. Thanks again for joining us!
Best,
Julie
05-20-2022 11:44 AM
@chrisisinclair DM me so that we can connect and discuss
05-13-2022 11:02 AM
Can someone here confirm if NPA Pre-Logon is GA yet?
05-20-2022 11:43 AM
@jdom not yet, still in beta - but works pretty darn well and we're close. Feel free to DM me if you want to connect to get more info or get your hands on it earlier.
05-20-2022 02:08 PM
We do have access but I can't say with confidence that Pre-Logon is working at all for us.
But I think we may just wait until it is GA before pursuing it again.
05-20-2022 02:15 PM
@jdom I am the Product Manager for NPA. I would like my team to assist you with pre-logon testing and also review your use case. What is the best way to reach you?
Kunal
05-23-2022 10:42 AM
I will shoot you a DM with details.
3 weeks ago
Hello @jdom , I hope the call to review the prelogon config was useful. Is prelogon working as expected?
3 weeks ago
Hello @KunalShah,
The call was very informative! However, we've chose to wait for GA since I recall we discovered we were facing an issue in the Netskope client that would be fixed in next release.
We have recently moved the entire organization to NPA so Pre-login will be an exciting next step.
2 weeks ago
@jdom glad to hear this. We will keep you posted on GA.
Thursday
We are also testing NPA with Pre-Login. Works fine, so looking forward to GA.