SDL for SmartConsole-Managed Clients

To create an SDL-enabled client:

1. Make a self-extracting client package.

2. In Options > Advanced, select Enable Secure Domain Logon (SDL).

3. In the Administration tab, generate the client and then distribute it.

If you give users a client MSI without SDL enabled, each user must manually enable it and restart the computer.

Note - SDL is not supported on a site that uses a CAPI certificate.

To help users enable SDL on a client:

1. Right-click the client icon and select VPN Options.

2. In Options > Advanced, select Enable Secure Domain Logon (SDL).

3. Click OK.

4. Restart the computer and log in.

To enable Remote Access Clients to use SDL:

1. On SmartConsole, open the policy to be installed on Endpoint Security VPN clients: File> Open.

2. Open the Desktop tab.

3. Add inbound and outbound rules to allow the NetBIOS over TCP/IP service group:

   • Source and Destination = Domain Controller and Remote Access VPN

   • Service = NBT

   • Action = Allow

4. Install the policy.