Password change and cached credentials

N

Neil

Hi!

I have a question / problem that has probably been posted before. But
nevertheless it still is an issue to me:

A Windows 2000 Professional workstation is a member of an NT4 domain, and on
it is installed a 3rd party VPN client software for remote connectivity. A
domain user account gets access to resources on the domain by logging on
locally using cached credentials, and then establishing a connection through
VPN.
When the password for the cached credential is the same as the one stored in
the domain SAM, things are fine.
BUT when the user say changes his/her password from another workstation,
where he/she is logged on to the domain, the problem arises: If the user
does not remember to update the cached credential on the first machine with
the new password, he/she will be denied access to the domain ressources, the
next time he/she connects through VPN.

Does anyone have any suggestions on how to solve this problem (relying on
the user to remember the password change is unfortunately NOT an option :)
?

best regards
Neil
 
S

Steven Umbach

I don't know a workaround, unless the vpn client gives you an option to logon to
the domain like the built in W2K client does which may or may not work depending
on your vpn configuration. You might try posting in the win2000 remote
access/routing newsgroup. --- Steve
 
R

Ron Bernier

Neil --

There is only one way for the remote workstation to access a domain
resource, and that's with a correct username and password for a domain
account ... The only way to do that is to ensure the user uses the correct
password on the cached credentials machine ... If relying on the user to
remember the password change is not an option, then you cannot accomplish
what you are looking to do ... Their cached password, unless they change it
to their domain password, will always deny them access ...

The only thing you may look into doing is writing some code or script to ask
them everytime they login whether or not the password they've just logged in
with is the same as their domain password, and if not, then have your script
or code run the password change utility ...
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Password change vs. cached credentials with VPN 1
Cached profile problem 1
How To Change Windows 2000 Cached Account Password 1
Updating Local Computer with Cached Domain Credentials via VPN 1
synchronizing domain user Local cached credentials with domain (VP 4
windows xp cached credintals 1
Changing the cached credentials password without domain access 1
Logon using cached credentials 6

Top