/sigh/ Latops in a domain...

---

• From: "Gabe Knuth" <gknuth@xxxxxxxxxxxxxx>
• Date: Wed, 29 Jun 2005 16:05:52 -0500

---

This old battle again...

We've got an AD (previously used only Netware for the PC's) with 1200 or so
users in it. About 100 of those are laptop users that are rarely in the
office.

In the past, the users would log on to their local machine, connect via
Contivity VPN, then authenticate to a Windows file share in a domain that
pretty much only servers were in by using their domain credentials. Their
passwords were set to never expire and were synched manually with their
Novell and local machine passwords.

Now we're adding them to AD. We've got a corporate SOX policy in place, so
each user is required to change their password afte x-number of days.
Problem is, these users don't connect to the network with their laptops
before their password expires. That works OK for the local machine, it'll
just cache it until they plug in again, but if they log on with their cached
password (after connecting to the VPN), they won't be able to connect to the
file share.

What's everyone else doing in situations like this? I've been trying to
find a way to have their dial-up client and their VPN client launch before
the logon to the box. That should fix this. It seems to me there is a
simpler way, and I'm just mucking it up and over thinking it.

Any thoughts are appreciated.

Thanks,
Gabe


.

---

• Follow-Ups:
  • RE: /sigh/ Latops in a domain...
    • From: Tom Che [MSFT]

• Prev by Date: Re: cannot run CMD or REGEDIT from start menu NTVDM has encountered illegal instrution
• Next by Date: Starnge desktop behavior with fast user switching
• Previous by thread: cannot run CMD or REGEDIT from start menu NTVDM has encountered illegal instrution
• Next by thread: RE: /sigh/ Latops in a domain...
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: domain not available ... Well, if you are offsite, you will not be able to log into the domain, unless you have a logon server with a GC of the same AD/ Domain. ... Establish a VPN connection to the SBS Server ... > administrator of the local machine and uninstall and reinstall Active Sync. ... (microsoft.public.windows.server.sbs) Re: Windows XP Login in a Domain ... and settings on the local machine. ... standard (power) user on the domain but still have administrator rights on ... Be sure you have some policies in place either in Group Policy ... use resources on their home network to work from home via VPN. ... (microsoft.public.windowsxp.general) VPN not working ... Is the firewall on that local machine? ... >I have several staff members who use VPN from home ... >DSL. ... The ones that use 2000 Pro can ping a local server ... (microsoft.public.windowsxp.general) Re: VPN over internet ?? ... What kind of a router/firewall are you using? ... VPN server to do this, and the router has to be enabled to accept VPN ... > another folder on the local machine. ... (microsoft.public.windowsxp.network_web) Re: server 2003 activation ... could i link up with the vpn someway from my local machine ... with win 2000 server vpn enabled? ... >Kristofer Gafvert - IIS MVP ... (microsoft.public.windows.server.general)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(18)