Re: Remote accessing file shares problem

---

• From: NRC Help <NRC_Support@xxxxxxxxxxxxxxxx>
• Date: Mon, 10 Jul 2006 12:08:01 -0700

---

1. I belive it does, but we have very limited ability to customize it's
functionality since we don't maintain the concentrator (I believe).

2. I agree that when the UPN is used it should contact the DC - but it
should also contact the DC when domain\username is used.

3. Before....? Yes. Afterwards too. Same results.

4. This is a recent change though. What changed and why? I agree that there
could be something changed in our environment, but help isolating that would
be nice.

5. Since I don't have controll/access to the concentrator, that won't do me
much good.

Thanks for the help though.


"Vincent Xu [MSFT]" wrote:

Hi,

I have following thoughts:

1. Did the Cisco client has the similar function as MS VPN client that "Log
in with dialup connection"?

2. When you use UPN name to verify the user name & password, I think it
should contacted the GC. That's why it is logged on successfully.

3. As you said, you modified the LMhost file, did you restart the computer
before you modify it?

4. As we know, when you logged on as cached credential and later attempts
to establish a VPN connection to the network and enters credentials, no
interactive logon is attempted. Thus, no access token was made. That is why
you are prompted to ask for user name and password later.

5. As I said in Point 1, you can try to contact Cisco to see if their
client has the function.

I hope the information helps. Let me know if you still have concerns.


Best regards,

Vincent Xu
Microsoft Online Partner Support

======================================================
Get Secure! - www.microsoft.com/security
======================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others
may learn and benefit from this issue.
======================================================
This posting is provided "AS IS" with no warranties,and confers no rights.
======================================================



--------------------

Thread-Topic: Remote accessing file shares problem
thread-index: AcaiHALt+aGbGzv4TRqcBDNsVC72xA==
X-WBNR-Posting-Host: 67.172.94.222
From: =?Utf-8?B?TlJDIEhlbHA=?= <NRC_Support@xxxxxxxxxxxxxxxx>
References: <33E3ABD9-FAF2-40FA-8E79-C9A771968E8D@xxxxxxxxxxxxx>

<O6$kVQgoGHA.4240@xxxxxxxxxxxxxxxxxxxx>

Subject: Re: Remote accessing file shares problem
Date: Fri, 7 Jul 2006 16:21:01 -0700
Lines: 47
Message-ID: <85068CF5-1ABC-4F55-9240-32AACC70F75E@xxxxxxxxxxxxx>
MIME-Version: 1.0
Content-Type: text/plain;
charset="Utf-8"
Content-Transfer-Encoding: 7bit
X-Newsreader: Microsoft CDO for Windows 2000
Content-Class: urn:content-classes:message
Importance: normal
Priority: normal
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.1830
Newsgroups: microsoft.public.windows.server.networking
Path: TK2MSFTNGXA01.phx.gbl
Xref: TK2MSFTNGXA01.phx.gbl

microsoft.public.windows.server.networking:40182

NNTP-Posting-Host: TK2MSFTNGXA01.phx.gbl 10.40.2.250
X-Tomcat-NG: microsoft.public.windows.server.networking

Thanks for the strong reply. Of course the LMHosts file is in no way an

end

solution, simply a means to troubleshoot at this point.

Reading your post, I assume you're working with the MS VPN client.

However,

I'm working with the Cisco VPN client, and the concentrator is outside of

my

control. Any tips on the client end before I go digging?

Thanks.

"Phillip Windell" wrote:

"NRC Help" <NRC_Support@xxxxxxxxxxxxxxxx> wrote in message
news:33E3ABD9-FAF2-40FA-8E79-C9A771968E8D@xxxxxxxxxxxxxxxx

Client is prompted for username/password for the fileshare. Client

enters

"domain\username" and their password. The following error is received:

---
"The user name you typed is the same as the user name you logged in

with.

That user name has already been tried. A domain controller cannot be

found

to
verify that user name."

What is causing this condition? I do not think that the client, using
cached
domain credentials, should be prompted for a username/password at all

when

accessing domain resources. Further, the fact that "domain\user" does
_not_
work and "user@domain" _does_ is very curious.

Forget the LMHOST file and put them back the way they were.

In the Configuration of the Dialup Connection (the VPN Connection)
statically give it the DNS and WINS (if you have WINS) for the LAN.
Normally DHCP would give these but some VPN "Devices" won't give the

Clients

that,...they only give the IP# and mask.

It is also a good thing if the users enable the checkbox seen at the
Ctrl-Alt-Del prompt that says "Log in with dialup connection". This

causes

the machine to enable the VPN first,...then log the user into the
machine,..which creates the same effect as logging into the Domain

locally.

--
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com

.

---

• Follow-Ups:
  • Re: Remote accessing file shares problem
    • From: Vincent Xu [MSFT]

• References:
  • Re: Remote accessing file shares problem
    • From: Vincent Xu [MSFT]

• Prev by Date: Group Policy for Remote Desktop
• Next by Date: Cannot ping one of the IPs on the server
• Previous by thread: Re: Remote accessing file shares problem
• Next by thread: Re: Remote accessing file shares problem
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: VPN via Wireless Broadband ... I don't know how timing-sensitive VPN connections are. ... Browsing to the User shared folder from the client doesn't work. ... shares on the server and SYSVOL is there and one can use Windows ... How to configure a VPN connection to your corporate network in Windows XP ... (microsoft.public.windows.server.sbs) RE: VPN - SBS2003 ... I understand that the remote client cannot connect to ... What error information did you receive when the VPN terminated? ... Can you establish the VPN connection to the SBS Server from internal ... (microsoft.public.windows.server.sbs) Re: VPN Issue ... I have read some articles about this subnet issue, so I know what you mean. ... I then connect to my network using the VPN connectoid. ... a new network adapter in the client directly to one in the server. ... But ONLY if I add in the domain.local DNS suffix to the VPN connection. ... (microsoft.public.windows.server.sbs) RE: error 628 in vpn ... firewall blocks the VPN traffic. ... is used when you want to enable remote access if your remote client ... As you mentioned the VPN connection can be made from a SBS LAN ... client, the configuration of the RRAS itself should be OK. ... (microsoft.public.windows.server.sbs) RE: Opinions required - GoToMyPc.com ... How does the VPN Concentrator provide access in the likes of PC-Anywhere to ... They already have a IPSec Client VPN solution on the FW-1, ... but much more secure would be the Cisco VPN ... (Security-Basics)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(15)