User with onsite and remomote computer Domain OpenVPN


I have a user that has an office computer and a computer they use at home. The home computer is connected over OpenVPN to the PFsense firewall. the user is required to change their password every 30 days. They do it from the office, but the home computer stays the old password. They don’t always connect to the VPN because they don’t need to if they are just checking email.

Even after connecting to the VPN, the password does not update. Once they connect and the password has changed, they can not access remote resources at the office (network drives) I try running gpupdate /force and I get the error below

"User Policy could not be updated successfully. The following errors were encountered:

The processing of Group Policy failed. Windows attempted to retrieve new Group Policy settings for this user or computer. Look in the details tab for error code and description. Windows will automatically retry this operation at the next refresh cycle. Computers joined to the domain must have proper name resolution and network connectivity to a domain controller for discovery of new Group Policy objects and settings. An event will be logged when Group Policy is successful.

To diagnose the failure, review the event log or run GPRESULT /H GPReport.html from the command line to access information about Group Policy results."

I can disconnect from the domain and rejoin and things work fine for the next month or so, but then the next time the password is changed, it does not come over.

Do I need a persistent VPN connection to the server? Or is there something I am missing. I can bing the server and I can ping the domain (domainname.local)

Yes you should have a persistent VPN to keep the AD in sync on the workstation and the server.