Set up cached credentials

[snowburnt]

Hey all,

We have remote users that we want to VPN into the network using
something other than MS RRAS. The VPN works great, but when we try to
get to network shares we have to log in the first time.

Is there ANY way that we can create cached credentials on a remote
computer that is not a member of the domain?

thanks

 

[Steven L Umbach]

Cached credentials [as defined by Microsoft] are only possible on a computer
that is a member of an Active Directory domain. However if the user logs
onto their computer with a "local" user account that exists as a user
account/password in Active Directory that may work. Otherwise see if their
is an option to specify their domain when they try to logon via VPN.

Steve

 

[snowburnt]

We are using a sonicwall VPN client that uses LDAP AD authentication
(it looks like it starts an LDAP session as the domain admin and then
authenticates the user). Most of these people are remote and don't
have a company computer (for variou$ reasons) and their computers are
non standard, but we'd still like to keep it as simple as possible.

It worked fine using the microsoft client, but due to security issues
with MPPE, we're trying to move away from that.

thanks,

Cached credentials [as defined by Microsoft] are only possible on a computer
that is a member of an Active Directory domain. However if the user logs
onto their computer with a "local" user account that exists as a user
account/password in Active Directory that may work. Otherwise see if their
is an option to specify their domain when they try to logon via VPN.

Steve

Hey all,

We have remote users that we want to VPN into the network using
something other than MS RRAS. The VPN works great, but when we try to
get to network shares we have to log in the first time.

Is there ANY way that we can create cached credentials on a remote
computer that is not a member of the domain?

thanks- Hide quoted text -- Show quoted text -

 

[Steven L Umbach]

I can't think of any help for your situation unless you can use l2tp with
the built in MS VPN client. L2tp which uses ipsec and mutual computer
authentication is very secure. You might also try calling Sonicwall support.

Steve

We are using a sonicwall VPN client that uses LDAP AD authentication
(it looks like it starts an LDAP session as the domain admin and then
authenticates the user). Most of these people are remote and don't
have a company computer (for variou$ reasons) and their computers are
non standard, but we'd still like to keep it as simple as possible.

It worked fine using the microsoft client, but due to security issues
with MPPE, we're trying to move away from that.

thanks,

Cached credentials [as defined by Microsoft] are only possible on a
computer
that is a member of an Active Directory domain. However if the user logs
onto their computer with a "local" user account that exists as a user
account/password in Active Directory that may work. Otherwise see if
their
is an option to specify their domain when they try to logon via VPN.

Steve

message

Hey all,

We have remote users that we want to VPN into the network using
something other than MS RRAS. The VPN works great, but when we try to
get to network shares we have to log in the first time.

Is there ANY way that we can create cached credentials on a remote
computer that is not a member of the domain?

thanks- Hide quoted text -- Show quoted text -

 

[snowburnt]

Have you ever set up an L2TP server? does the server need a public IP
on the NIC? can the client be behind a firewall?

Thanks,

--Bart

I can't think of any help for your situation unless you can use l2tp with
the built in MS VPN client. L2tp which uses ipsec and mutual computer
authentication is very secure. You might also try calling Sonicwall support.

Steve

We are using a sonicwall VPN client that uses LDAP AD authentication
(it looks like it starts an LDAP session as the domain admin and then
authenticates the user). Most of these people are remote and don't
have a company computer (for variou$ reasons) and their computers are
non standard, but we'd still like to keep it as simple as possible.

It worked fine using the microsoft client, but due to security issues
with MPPE, we're trying to move away from that.

thanks,

Cached credentials [as defined by Microsoft] are only possible on a
computer
that is a member of an Active Directory domain. However if the user logs
onto their computer with a "local" user account that exists as a user
account/password in Active Directory that may work. Otherwise see if
their
is an option to specify their domain when they try to logon via VPN.
Steve
message
Hey all,
We have remote users that we want to VPN into the network using
something other than MS RRAS. The VPN works great, but when we try to
get to network shares we have to log in the first time.
Is there ANY way that we can create cached credentials on a remote
computer that is not a member of the domain?
thanks- Hide quoted text -- Show quoted text -- Hide quoted text -

- Show quoted text -