User with PAW (Privileged Access Workstation) machine is not able to connect to vpn-pa and gets certificate validation failure error when attempting to connect.
Failure Reason:
The group policy pushed for all windows systems is not successfully updated on user system
Steps to follow:
Manually update group policy on PAW machine
- Connect the PAW to the regular VPN (vpn.slac.stanford.edu)
- Run “gpupdate” at a command line or in PowerShell prompt.
- Try connecting to vpn-pa again."
Troubleshooting gpupdate error:
While running gpupdate if the user gets error below make sure the user is connected to VPN (vpn.slac.stanford.edu) successfully.
Microsoft Windows [Version 10.0.19042.1165] (c) Microsoft Corporation. All rights reserved. C:\Users\<username>>gpupdate Updating policy... Computer policy could not be updated successfully. The following errors were encountered: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has successfully processed. If you do not see a success message for several hours, then contact your administrator. User Policy could not be updated successfully. The following errors were encountered: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has successfully processed. If you do not see a success message for several hours, then contact your administrator. To diagnose the failure, review the event log or run GPRESULT /H GPReport.html from the command line to access information about Group Policy results.
Example of successful gpupdate:
C:\Users\<username>>gpupdate
Updating policy...
Computer Policy update has completed successfully.
The following warnings were encountered during computer policy processing:
Windows failed to apply the TCPIP settings. TCPIP settings might have its own log file. Please click on the "More information" link.
User Policy update has completed successfully.
For more detailed information, review the event log or run GPRESULT /H GPReport.html from the command line to access information about Group Policy results.