15: How to use Scripts Manager Event Log Triggers to Map Network Drives when a VPN is Connected

Prerequisites: PolicyPak version 2791 or higher must be used.

1. Create a new Scripts & Triggers policy on the computer side, choose switched mode like in the screenshot below.

   ​

2. At the “On apply action” screen select “PowerShell script” from the dropdown, then in the main text window, paste in the script below, check the option “Run script as user, then click “Next”.

   

3. Then click “Next” at the “On revert action” screen to skip that screen, then at the “Specify process mode” screen choose the “Once” option.
   
   

4. At the “Policy settings” screen give the policy a descriptive name then click “Finish”. 

   

5. Now create another policy (Map drives when VPN Connect Event ID is Detected) using Scripts & Triggers on the computer side, choose switched-mode like in the screenshot below.

   ​

6. At the “On apply action” screen select “PowerShell script” from the dropdown, then in the main text window, paste in the script below then change the drive mappings to match the settings needed for your environment, check the option “Run script as user, then click “Next”.

   

7. Click “Next” at the “On revert action” screen to skip that screen, then at the “Specify process mode” screen choose the “On trigger” option, then choose “Event log” from the drop down before clicking “Next” to continue.
   
   

8. Before continuing Connect to the VPN then open the Windows application log and locate the successful VPN Connection event, take note of the Level, the source, and the Event ID number for that event as you will need them in the next step.
   
   For this example I used an Azure Point-to-Site VPN connection, and the successful connection Event ID number is 20225

   

9. Now continue onward from Step 7 above using the information you gathered in Step 8, ensure your Trigger settings look similar to mine below, before clicking “Next”.
   
   
10. At the next Trigger settings screen click “Next” without editing the query.
    
11. At the Policy Settings screen provide a descriptive name for the policy and then click “Finish”.
    
     
    
    Note: You should have two policies now:

    

12. Lastly, test the policy by logging into a computer, (or run gpupdate if already logged in) and then connect to a VPN as a user who should receive the policy. If everything works you should see the network drives show up in File Explorer.

13. Optionally, create a new Scripts and Triggers policy that disconnects the drives when the VPN disconnects by using the script below and also changing the trigger to “Event log”, and configuring the correct settings for the successful VPN disconnect event. Please see below for a VPN disconnect example using Azure Point-to-Site VPN.

    
    
    VPN disconnect example using Azure Point-to-Site VPN
    

    

    Note: “On trigger” does not work with Revert action script which is why you need to create a new policy to disconnect the drives.