Re: Using cached credentials
- From: "Bill Grant" <not.available@online>
- Date: Thu, 12 Jul 2007 12:02:25 +1000
"Lanwench [MVP - Exchange]"
<lanwench@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:OU8hT18wHHA.5028@xxxxxxxxxxxxxxxxxxxxxxx
Joey <Joey@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
HELP! I started working this new job several months ago. I have
about 50 users that work from home regularly. I have them logging
into their laptops using their cached credentials and that works
great. They use Cisco VPN client and they are able to RDP into their
workstations at work.
Well and good.
However, we would like them not to RDP into
their workstation so that they can have access to the network drives.
We want them to use cached credentials to login to the laptop, use
our VPN client and then access their network drives.
Oh my heavens, why? The performance for any kind of file access over VPN
is not going to be great, even with smallish files. You are *much* better
off continuing to use RD - whether to their desktops, or to a Terminal
Services box (better still).
I created a
script to map these network drives automatically but the network
indicates it requires user credentials and passwords (which would be
okay) but when we put in the user's id and password it responds that
the user is already logged into the system and can't login twice.
We were able to get everything to work if we logged into the computer
using a local account, VPN into the network and then used the user's
id and password. I am sure it is probably a local computer policy
but can't seem to figure it out. Any help is appreciated.
I'm presuming the passwords haven't been changed on the server & not
updated on the client, and that your DHCP/RAS server is giving them the
correct IP info (no public DNS servers, for one).
When the user has the VPN tunnel enabled, make sure they can ping the
server by name (meaning, they can ping SERVERNAME and get a reply from
SERVERNAME.domain.com).
I personally like to 'delete all' ... then remap without creating a
persistent connection, so I'd then have them try:
net use * /del
net use x: \\server\share /persistent:no
But again, I don't think this is going to be a good solution for most
users, unless you are having them connect, sync to offline files via one
of many methods, and have them work on the local copy. TS/RD is so much
more efficient where bandwidth is concerned; all that's getting sent
across the wire are mouse/keyboard info & screenshots.
You could get around the credentials problem by using the "Log in using
a dualup connection" option in the login dialog box. Instead of doing a
local login first, the user logs into the domain as a remote user. But like
Lanwench I can't imagine why you would want to use that method instead of
RDP/TS. If you think VPN gives you extra security, set up a VPN connection
an then run terminal services across the VPN link. That way only the KVM
data has to cross the VPN link.
.
- References:
- Re: Using cached credentials
- From: Lanwench [MVP - Exchange]
- Re: Using cached credentials
- Prev by Date: Re: ACL problem
- Next by Date: logging on to a server 2003 domain
- Previous by thread: Re: Using cached credentials
- Next by thread: Re: Using cached credentials
- Index(es):
Relevant Pages
|
