OK, just testing you :) Since Vista is more secure, this must be a security issue ;)) Security is inversely proportional to functionality. Thomas W Shinder, M.D. Site: www.isaserver.org Blog: http://blogs.isaserver.org/shinder/ Book: http://tinyurl.com/3xqb7 MVP -- Microsoft Firewalls (ISA) > -----Original Message----- > From: isapros-bounce@xxxxxxxxxxxxx > [mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf Of Thor > (Hammer of God) > Sent: Thursday, January 25, 2007 11:41 AM > To: isapros@xxxxxxxxxxxxx > Subject: [isapros] Re: OT: Vista VPN Client Credentials > > No less than 1 million times ;) > > For years and years I've been logging in from non-domain XP > boxes as unique > local users and VPN'ing in to remote networks with completely > different > usernames/passwords and directly accessing network resources > silently as the > VPN user, not the local interactive user. > > I know I could join the domain and/or pair up usernames and > passwords, but I > never do that. I wouldn't have usernames and passwords on a > laptop that > matched usernames and passwords on my domain- that's just silly ;) > > t > > > On 1/25/07 9:42 AM, "Thomas W Shinder" <tshinder@xxxxxxxxxxx> > spoketh to > all: > > > Tim, > > > > Are you sure it actually ever worked the way you thought it > did? That is > > to say, did it actually work where where you log in > interactively with > > one set of local non-domain credentails, and then create a > remote access > > VPN client connection using a second set of credentials and > then have > > the dial-in credentials sent to the remote file servers? > > > > I think in order for that scenario to possibly work, you > have to dial-in > > via dial-up networking during interactive logon. Try that > with the Vista > > client. > > > > Worst comes to worst, you can mirror your credentials on > the non-domain > > client with the domain accout. > > > > Tom > > > > Thomas W Shinder, M.D. > > Site: www.isaserver.org > > Blog: http://blogs.isaserver.org/shinder/ > > Book: http://tinyurl.com/3xqb7 > > MVP -- Microsoft Firewalls (ISA) > > > > > > > >> -----Original Message----- > >> From: isapros-bounce@xxxxxxxxxxxxx > >> [mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf Of Thor > >> (Hammer of God) > >> Sent: Thursday, January 25, 2007 11:26 AM > >> To: isapros@xxxxxxxxxxxxx > >> Subject: [isapros] Re: OT: Vista VPN Client Credentials > >> > >> Hi Ara- thanks for checking. Yes, if the system is a domain > >> member, it > >> works as you describe. The point is that remote systems > >> should not need to > >> be domain members in order to VPN into a network and have the VPN > >> credentials used for access to that network's resources. > >> > >> A laptop user should not have to move around using cached > >> domain credentials > >> to log on to their system as a domain member... More > >> importantly, the local > >> users' interactive credentials should not automatically be > >> sent to a remote > >> host on a dial-up/VPN connection. That is a security issue > >> in itself... > >> > >> t > >> > >> > >> On 1/25/07 8:59 AM, "Ara Avvali" <Ara.Avvali@xxxxxxxxxxxxx> > >> spoketh to all: > >> > >>> I did a test myself last night from Vista. It dials in with > >> no problem, > >>> outlook opens fine, and I can go to \\servername\sharename and no > >>> problem. One thought, I have the firewall client for vista > >> installed and > >>> laptop is a domain member which is going back and forward > work/home > >>> > >>> -----Original Message----- > >>> From: isapros-bounce@xxxxxxxxxxxxx > >> [mailto:isapros-bounce@xxxxxxxxxxxxx] > >>> On Behalf Of Thor (Hammer of God) > >>> Sent: Thursday, January 25, 2007 7:08 AM > >>> To: isapros@xxxxxxxxxxxxx > >>> Subject: [isapros] Re: OT: Vista VPN Client Credentials > >>> > >>> Anyone? Bueller? Anyone? > >>> > >>> Is there anyone out there who is VPN'ing into a network on > >> a non-domain > >>> machine with Vista? Is it time to post to the Focus-MS list??? > >>> > >>> t > >>> > >>> > >>> On 1/24/07 12:36 PM, "Thor (Hammer of God)" <thor@xxxxxxxxxxxxxxx> > >>> spoketh > >>> to all: > >>> > >>>> Greetings... I'm hoping this something stupid that I'm just not > >>> seeing, but > >>>> I'm having an issue automatically authenticating to a > >> remote network > >>> under > >>>> my VPN credential in Vista (x64). > >>>> > >>>> With XP, on a non-domain, standalone workgroup box, I > can create a > >>> standard > >>>> VPN client and log on to the remote network using my user > >> account on > >>> remote > >>>> network domain. Though I'm logged on interactively as a > >> local user on > >>> that > >>>> XP box, when I go to \\host.domain.com, my VPN credentials are > >>> automatically > >>>> used to access shared resources on the remote network. > Same thing > >>> with > >>>> connecting to a remote SQL box (requiring integrated auth). No > >>> problems at > >>>> all with XP, been doing it for years. > >>>> > >>>> However, with Vista, the credentials I use to log onto the remote > >>> network > >>>> are NOT being used when I access resources on the remote network. > >>> Browsing > >>>> to the share point results in a logon box being displayed. If I > >>> attempt to > >>>> connect to a SQL box, it says "not a trusted connection" > >> (as it would > >>> if my > >>>> local user is being used.) WTF? I've looked through and set > >>> everything > >>>> that I can, including setting the location as "Work" and > >> "Home." I do > >>> NOT > >>>> want to have to join the box to the remote domain. > >>>> > >>>> Anyone know what I'm doing wrong?? Thanks. > >>>> t > >>>> > >>>> > >>>> > >>>> > >>>> > >>> > >>> > >>> > >>> > >>> > >>> > >> > >> > >> > >> > >> > > > > > > > > > > >