It has taken a long time, and there have been plenty of bumps along the way, but it’s finally available in public preview: You can perform a user-driven Hybrid Azure AD Join deployment over the internet, using a VPN connection to establish connectivity so the user can sign into the device. Before we get into the detail on that, it’s worth reading up on the Hybrid Azure AD Join process – see my previous blog on that subject.
Windows Autopilot orchestrates the process for getting the device joined to Active Directory.
After the device has joined Active Directory, a background process will eventually complete the Hybrid Azure AD Join device registration process.
It will indicate to Intune that it wants to perform an offline domain join (ODJ).
Intune will determine the “Domain Join” profile for the device, which specifies the Active Directory domain name, OU, and naming prefix. An ODJ Connector request will be generated with these details.
This same process has been in place since the Autopilot Hybrid Azure AD Join process was put in place, so nothing has changed here. What’s changed is what happens after the ODJ blob is received by the device.
Prior to the new feature we added, there was another step between #6 and #7, done before the device would reboot to complete the join process: Autopilot would attempt to ping the domain controller (using information from the ODJ blob to figure out what to ping). That was done so that we would “fail fast” – if there was no connectivity, why continue on only to end up with a device where the user couldn’t log on?
That’s the key change we made: You can now choose to skip this ping test by checking the new box:
With that option checked, the device will reboot as soon as the ODJ blob is received and applied.
“always on”) or it needs to be one that the user can manually initiate from the Windows logon screen.
The needed VPN configuration needs to be applied during device ESP.