Chat now with support
Chat with Support

Welcome, erwin customers to Quest Support Portal click here for for frequently asked questions regarding servicing your supported assets.

KACE Desktop Authority 11.1 - Administrator Guide

Administrator's Guide
Product Improvement Program Installation Help Concepts User Interface Validation Logic Configuration Computer Management User Management Reference File Paths
Setup Tool

Desktop Authority for VPN Clients

Desktop Authority for VPN Clients

When remote users login to their machines (using cached credentials) and establish a VPN connection to the network, Desktop Authority will not run. Desktop Authority can be configured to fire an event when a network connection (VPN) is established.

Desktop Authority uses Network Location Awareness to detect when a new network connection becomes available. Once the new connection is detected, Desktop Authority will be notified and can then determine whether it will execute for the user.

Configuration settings

Configuring Desktop Authority for VPN Clients requires a few simple registry settings.

IMPORTANT: Always use caution when manipulating the registry on any computer. Changes made to the registry happen immediately, and no backup is automatically made. Make sure to back up or export the registry key or subkey before making your changes.

VPN Client configuration settings are made on the client machine to the following registry hive/key depending on the computer's architecture.

  • 64-bit: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\ScriptLogic
Enable Desktop Authority for VPN Clients

Purpose: Enables or disables the VPN Client feature in Desktop Authority.

Applies to: User Management, Computer Management

Value name: EnableNLA

Value type: REG_DWORD

Value data: 1 (Enable), 2 (Disable - Default)

Login script validation

Purpose: Desktop Authority for VPN Clients will verify that the user has been assigned SLogic or SLogic.bat as their logon script. Desktop Authority will validate and execute for any user that has SLogic or SLogic.bat configured as their logon script in Active Directory.

If the company implementation of Desktop Authority does not assign Slogic or Slogic.bat as their user's logon script, an alternate script name can be defined using the NLAAltScript value. The specified script is used to validate that the user logged into the computer is a Desktop Authority user.

Note: Multiple alternate script file names may be specified. Delimit each file name with a comma.

Applies to: User Management, Computer Management

Value name: NLAAltScript

Value type: REG_SZ

Value data: The name of the alternate login script file




Connection time interval

Purpose: Desktop Authority will execute when a new network connection is detected and the user's assigned logon script has been validated. If the connection is dropped and then reestablished within 30 minutes, the default, Desktop Authority will not execute again. In order to change the time interval, use the NLAperiod value.

Applies to: User Management, Computer Management

Value name: NLAperiod

Value type: REG_DWORD

Value data: 0 (No Restriction/Disabled), 1 - 86400 (in seconds, default -1800 seconds/30 minutes)

User Management event type

Purpose: When a new network connection is detected and the user's assigned logon script is validated, a Refresh event will be triggered. To override the event that occurs when Desktop Authority executes use the NLAUBMEvent value.

Applies to: User Management

Value name: NLAUBMEvent

Value type: REG_SZ

Value data: Logon or Refresh or Logoff (Default - Refresh)

Note: If Logon is specified, the Desktop Authority client splash screen will be displayed. However, the client splash screen is not displayed during a Refresh or Logoff event.

Alternate script location

Purpose: When Desktop Authority is executed, the SLogic.bat file is executed from the NETLOGON shared folder, by default. To instruct Desktop Authority to look in a different location for Slogic.bat use the NLAUBMLocation value. The full UNC path must be entered.

Applies to: User Management

Value name: NLAUBMLocation

Value type: REG_SZ

Value data: path of the logon script (Default - %Logonserver%\Netlogon)

Note: If the location of the login script is %Logonserver%\Netlogon, the default, then the NLAUBMLocation does not need to be specified.




Hide command prompt

Purpose: The main purpose of this registry setting is to allow for troubleshooting in the case where Desktop Authority is not being executed properly.

By default, when Desktop Authority is executed, the command prompt window for SLogic.bat will be hidden. To display the SLogic.bat command prompt window when Desktop Authority is executed, configure the NLAShowWindow value to 1.

Applies to: User Management

Value name: NLAShowWindow

Value type: REG_DWORD

Value data: 0 (Disable– Default), 1 (Enable)

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating