KB43811 - Pulse Secure Desktop client cannot launch a configured session start-up script when lock down mode is enabled.

This article describes an issue where Pulse Secure Desktop client does not launch the session start-up script when lock down mode is enabled.

When a session start-up script is configured on the user role and lock down mode is enabled, the Pulse Secure Desktop client will not properly launch the script as expected.  In the debuglog.log, the following log entry will appear:

00268,09 2017/10/30 08:34:10.223 1 SYSTEM PulseSecureService.exe iveConnectionMethod p1608 t2A68 ncSessionScriptsWIN.cpp:93 - 'ncAccessMethod' copy file from 
'\\XXXXX\netlogon\XXXXX.vbs' to 'C:\Users\XXXX\AppData\Local\Temp\XXXXX.vbs' failed with error 1265, attempt 0
00214,09 2017/10/30 08:34:10.223 3 SYSTEM PulseSecureService.exe iveConnectionMethod p1608 t2A68 SessionScriptsProvisioning.cpp:91 - 'ncAccessMethod' Execute 
session script C:\Users\XXXX\AppData\Local\Temp\XXXXX.vbs

According to Microsoft document, the error code of 1265 means:

ERROR_DOWNGRADE_DETECTED
1265 (0x4F1)
The system cannot contact a domain controller to service the authentication request. Please try again later.

This issue impacts the following releases of Pulse Secure Desktop client:

• Pulse Secure Desktop client 5.3R1 to 5.3R5
• Pulse Secure Desktop client 9.0R1

This issue occurs due to lock down mode remains enabled when attempting to retrieve and copy the session start-up script.

To resolve this issue, please upgrade to the following releases:

• ​Pulse Secure Desktop Client 9.0R2
• Pulse Secure Desktop Client 5.3R6