Re: Cached credentials, VPN connection, authentication failed.

From: Lanwench [MVP - Exchange] (lanwench_at_heybuddy.donotsendme.unsolicitedmail.atyahoo.com)
Date: 11/05/04


Date: Fri, 5 Nov 2004 10:08:54 -0500

Replied in another group.
Dirk wrote:
> Hi,
>
>
>
> Client: Windows XP Pro SP2
>
> Server: Windows 2000 Server SP4 (DC, AD)
>
>
>
> I logon to my laptop with cached domain credentials (Event ID: 5719,
> Source: Netlogon). I start a VPN connection to my corporate network
> with a Cisco VPN client. I can ping our servers,...
>
>
>
> When I want to make a connection to a server share \\192.168.0.3\data
> i see a window asking my domain credentials. I give these credentials:
> DOMAIN\Username and the password (same as the cached domain
> credentials). I receive an error message that: "this account is the
> same as the one logged on to the system and that this account was
> tried before to logon. There is no domain controller available to
> validate this account."
>
>
>
> At the same time i see these errors in the system log of the Windows
> XP client:
>
> Event ID: 40960, Source: LSASRV, Category: SPNEGO (Negotiator)
>
> Event ID: 40961, Source: LSASRV, Category: SPNEGO (Negotiator)
>
>
>
> When i use other credentials to logon to this share
> (DOMAIN\AnotherUsername and the password - NOT the same credentials
> as the cached domain credentials) there is no problem. I don't see
> any messages in the event log.
>
>
>
> When i logon to this laptop with a local account (no cached domain
> credentials), start the VPN connection and make a connection to
> \\192.168.0.3\data with DOMAIN\Username i don't have any problem
> either.
>
>
>
> It seems that the problem is that the logon process only wants to
> validate my account only one time. At start-up the domain controller
> is not yet available and thus the system is using the cashed domain
> credentials. When my domain controller is available (vpn is active)
> the system doesn't want to validate my account anymore....
>
>
>
> Does anyone have an idea?
>
> Thanks in advance!
>
>
>
> Dirk