G
Greg Thompson
ELC has a VPN that uses SecureID Tokens to auth into our
network/domain for remote users coming in via
DUN/Broadband. The remote users login to a cached version
of our domain upon bootup. The issue is that users, upon
connecting to our VPN are on our network, however the
cached credentials aren't updated unless they do a CTRL-
ALT-DEL and log in again. We obtained a fix for "thick
client" programs that pass along credentials on behalf of
the domain, ie.. Outlook. So, here is the scenario.. a
user logs in via cached credentials, pipes into our
domain, goes into Outlook, Outlook prompts them that, for
instance, they need to change there password, they do so,
and Outlook now has the ability to update the cached
credentials on the machine so they're not out of sync.
However, other "thin client" applications that use our
domain name/passwords do NOT have this same ability.
We're looking to figure out how to, when the VPN
connects, auto-sync the domain with the cached
credentials. It has to be possible, but we just can't
figure out how. I was thinking along the lines of
checking the Set LogonServer variable, and if/when it
differs from the computer name, run some sort of command
to network sync the credentials to the domain or vice
versa, as to how though, I can't figure it out. I was
thinking something with the mapi logon function, but
again, I'm not sure how to make it auth or if it's even
possible.
Any assistance with this would be greatly appreciated,
3rd party apps, etc. Thank you in advance.
network/domain for remote users coming in via
DUN/Broadband. The remote users login to a cached version
of our domain upon bootup. The issue is that users, upon
connecting to our VPN are on our network, however the
cached credentials aren't updated unless they do a CTRL-
ALT-DEL and log in again. We obtained a fix for "thick
client" programs that pass along credentials on behalf of
the domain, ie.. Outlook. So, here is the scenario.. a
user logs in via cached credentials, pipes into our
domain, goes into Outlook, Outlook prompts them that, for
instance, they need to change there password, they do so,
and Outlook now has the ability to update the cached
credentials on the machine so they're not out of sync.
However, other "thin client" applications that use our
domain name/passwords do NOT have this same ability.
We're looking to figure out how to, when the VPN
connects, auto-sync the domain with the cached
credentials. It has to be possible, but we just can't
figure out how. I was thinking along the lines of
checking the Set LogonServer variable, and if/when it
differs from the computer name, run some sort of command
to network sync the credentials to the domain or vice
versa, as to how though, I can't figure it out. I was
thinking something with the mapi logon function, but
again, I'm not sure how to make it auth or if it's even
possible.
Any assistance with this would be greatly appreciated,
3rd party apps, etc. Thank you in advance.