When a session start-up script is configured on the user role and lock down mode is enabled, the Pulse Secure Desktop client will not properly launch the script as expected. In the debuglog.log, the following log entry will appear:
00268,09 2017/10/30 08:34:10.223 1 SYSTEM PulseSecureService.exe iveConnectionMethod p1608 t2A68 ncSessionScriptsWIN.cpp:93 - 'ncAccessMethod' copy file from
'\\XXXXX\netlogon\XXXXX.vbs' to 'C:\Users\XXXX\AppData\Local\Temp\XXXXX.vbs' failed with error 1265, attempt 0
00214,09 2017/10/30 08:34:10.223 3 SYSTEM PulseSecureService.exe iveConnectionMethod p1608 t2A68 SessionScriptsProvisioning.cpp:91 - 'ncAccessMethod' Execute
session script C:\Users\XXXX\AppData\Local\Temp\XXXXX.vbs
According to Microsoft document, the error code of 1265 means:
ERROR_DOWNGRADE_DETECTED
1265 (0x4F1)
The system cannot contact a domain controller to service the authentication request. Please try again later.
This issue impacts the following releases of Pulse Secure Desktop client:
- Pulse Secure Desktop client 5.3R1 to 5.3R5
- Pulse Secure Desktop client 9.0R1