1. The runbook grants a user VPN access by making changes to their Active Directory profile after their request is approved. 2. It runs .NET scripts to extract the user's SAM account name and grant VPN access by setting the msnpallowdialin property to true. 3. It then gets information on the user and their manager from Active Directory to notify them by email that VPN access was granted.