Tablet OS: Windows XP Tablet Edition 2005 v2002 sp2
We have a large remote user community who use the VPN to download e-mail, etc. They rarely use a GINA-VPN login but can access company info after logging into their cached domain profile (cachedlogonscount=10) and using the VPN. Some of these users are required to attend training events at regional offices or hotels. For training, they are asked to log into a local training profile so that training materials do not impact the live domain profile. The system does have UPHClean and requires the date/time to be set months even years prior to meet certain training scenarios.
The issue is that after accessing the local training profile (non-complex password), a few of the users experience a strange anomaly where the local training profiles login password has replaced the live users login password (complex password and maxpassage=60 days). The easiest way for us to resolve is to have the user log into the live profile via the GINA-VPN and refresh their credentials.
Please note we have not been able to reproduce the issue in the lab and are still in the process of capturing an image or tablet that is exhibiting the issue.
Im turning to you for thoughts on how this could be possible and where the breakdown might be occurring? Expired domain password, corrupt cached credentials or password verifier, incorrectly mapped SID/GUID? Thank you in advance.