User with PAW (Privileged Access Workstation) machine is not able to connect to vpn-pa and gets certificate validation failure error when attempting to connect.
Failure Reason:
The group policy pushed for all windows systems is not successfully updated on the user system
Steps to follow:
Manually update group policy on PAW machine
- Connect the PAW to the regular VPN (vpn.slac.stanford.edu)
- Run “gpupdate” at a command line or in PowerShell prompt.
- Try connecting to vpn-pa again."
Troubleshooting gpupdate error:
While running gpupdate if the user gets error below make sure the user is connected to VPN (vpn.slac.stanford.edu) successfully.
Microsoft Windows [Version 10.0.19042.1165] (c) Microsoft Corporation. All rights reserved. C:\Users\<username>>gpupdate Updating policy... Computer policy could not be updated successfully. The following errors were encountered: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has successfully processed. If you do not see a success message for several hours, then contact your administrator. User Policy could not be updated successfully. The following errors were encountered: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has successfully processed. If you do not see a success message for several hours, then contact your administrator. To diagnose the failure, review the event log or run GPRESULT /H GPReport.html from the command line to access information about Group Policy results.
Example of successful gpupdate:
C:\Users\<username>>gpupdate
Updating policy...
...