[isapros] Re: OT: Vista VPN Client Credentials

  • From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
  • To: <isapros@xxxxxxxxxxxxx>
  • Date: Thu, 25 Jan 2007 11:42:17 -0600

Tim,

Are you sure it actually ever worked the way you thought it did? That is
to say, did it actually work where you log in interactively with
one set of local non-domain credentials, and then create a remote access
VPN client connection using a second set of credentials and then have
the dial-in credentials sent to the remote file servers?

I think in order for that scenario to possibly work, you have to dial-in
via dial-up networking during interactive logon. Try that with the Vista
client.

Worst comes to worst, you can mirror your credentials on the non-domain
client with the domain account.

Tom

Thomas W Shinder, M.D.
Site: www.isaserver.org
Blog: http://blogs.isaserver.org/shinder/
Book: http://tinyurl.com/3xqb7
MVP -- Microsoft Firewalls (ISA)

 

> -----Original Message-----
> From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx]
> On Behalf Of Thor (Hammer of God)
> Sent: Thursday, January 25, 2007 11:26 AM
> To: isapros@xxxxxxxxxxxxx
> Subject: [isapros] Re: OT: Vista VPN Client Credentials
> 
> Hi Ara- thanks for checking.  Yes, if the system is a domain member, it
> works as you describe.  The point is that remote systems should not need to
> be domain members in order to VPN into a network and have the VPN
> credentials used for access to that network's resources.
> 
> A laptop user should not have to move around using cached domain credentials
> to log on to their system as a domain member... More importantly, the local
> users' interactive credentials should not automatically be sent to a remote
> host on a dial-up/VPN connection.  That is a security issue in itself...
> 
> t
> 
> 
> On 1/25/07 8:59 AM, "Ara Avvali" <Ara.Avvali@xxxxxxxxxxxxx> spoketh to all:
> 
> > I did a test myself last night from Vista. It dials in with no problem,
> > outlook opens fine, and I can go to \\servername\sharename and no
> > problem. One thought, I have the firewall client for vista installed and
> > laptop is a domain member which is going back and forward work/home
> > 
> > -----Original Message-----
> > From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx]
> > On Behalf Of Thor (Hammer of God)
> > Sent: Thursday, January 25, 2007 7:08 AM
> > To: isapros@xxxxxxxxxxxxx
> > Subject: [isapros] Re: OT: Vista VPN Client Credentials
> > 
> > Anyone?  Bueller?  Anyone?
> > 
> > Is there anyone out there who is VPN'ing into a network on a non-domain
> > machine with Vista?  Is it time to post to the Focus-MS list???
> > 
> > t
> > 
> > 
> > On 1/24/07 12:36 PM, "Thor (Hammer of God)" <thor@xxxxxxxxxxxxxxx> spoketh to all:
> > 
> >> Greetings... I'm hoping this is something stupid that I'm just not seeing, but
> >> I'm having an issue automatically authenticating to a remote network under
> >> my VPN credential in Vista (x64).
> >> 
> >> With XP, on a non-domain, standalone workgroup box, I can create a standard
> >> VPN client and log on to the remote network using my user account on remote
> >> network domain.  Though I'm logged on interactively as a local user on that
> >> XP box, when I go to \\host.domain.com, my VPN credentials are automatically
> >> used to access shared resources on the remote network.  Same thing with
> >> connecting to a remote SQL box (requiring integrated auth).  No problems at
> >> all with XP, been doing it for years.
> >> 
> >> However, with Vista, the credentials I use to log onto the remote network
> >> are NOT being used when I access resources on the remote network.  Browsing
> >> to the share point results in a logon box being displayed.  If I attempt to
> >> connect to a SQL box, it says "not a trusted connection"  (as it would if my
> >> local user is being used.)  WTF?  I've looked through and set everything
> >> that I can, including setting the location as "Work" and "Home."  I do NOT
> >> want to have to join the box to the remote domain.
> >> 
> >> Anyone know what I'm doing wrong??  Thanks.
> >> t