VPN Authentication to AD
- From: "Stan Cooper" <stanc@xxxxxxxxxx>
- Date: Thu, 5 Oct 2006 14:57:56 -0500
We have a single Windows 2003 domain in Domain and Forest Functional 2003
Level with a Cisco 3000 VPN Concentrator. The VPN Concentrator is setup to
authenticate users via Kerberos/Active Directory and works for 97% of our
users. We also have a very strange problem with some accounts
authenticating and in all of the troubleshooting I've done the articles and
error messages point to the Dial-In / VPN properties not being set correctly
even though the radio button for Allow Access is populated.
This problem does not occur to newly created accounts, but it can be
replicated if I copy an account that has the problem when creating a new
user. I finally troubleshot the problem to the Profiles Tab in the User
Properties. If any of the fields in that tab are populated then the
authentication fails. If I clear all boxes (Logon Script, Home Drive, Etc.)
authentication occurs like it should.
What can I do to fix this? Is there some corruption in the account? Can
the accounts be repaired with ADSI Edit or another utility?
Stan Cooper
.
- Follow-Ups:
- RE: VPN Authentication to AD
- From: Brian Delaney [MSFT]
- RE: VPN Authentication to AD
- Prev by Date: Re: How to iew Passwords?
- Next by Date: Re: ADAM LDAP Query using 'Sounds Like' filter
- Previous by thread: Re: Errors when using Group Policy Inventory Tool
- Next by thread: RE: VPN Authentication to AD
- Index(es):
Loading
