?
Solved

Adding A System connected via VPN to domain.

Posted on 2009-07-14
6
Medium Priority
?
200 Views
Last Modified: 2012-05-07
I have a system that I added to my domain over a VPN connection. It successfully added, but after restart when I try to login to a domain account, it says it cannot locate a domain controller (makes since since I can't run the VPN client to connect to my network until I'm actually logged into the computer) Is there a way around this? Or does the system actually need to be physically connected to my network first?
0
Comment
Question by:Methodman85
  • 2
  • 2
  • 2
6 Comments
 
LVL 78

Accepted Solution

by:
Rob Williams earned 1000 total points
ID: 24851602
Once the computer has joined a domain, there is a check box option in the logon box that allows for a dial-up connection. If you are using a Windows VPN check that box and during logon and you will be presented with a list of dial-up and/or VPN connections. Choose the appropriate VPN connection, and it will connect and authenticate before logging into the PC so that the domain is present at logon, allowing for group policy to be applied, and logon scripts executed.
0
 
LVL 1

Author Comment

by:Methodman85
ID: 24851818
And if it's not a Windows based VPN?
0
 
LVL 78

Expert Comment

by:Rob Williams
ID: 24851973
That option only works with Windows VPN client.
Seems to me Cisco has a similar option, though it works differently, but it is the only other I know of.

However, normally you can log onto the PC using cached credentials, and then connect the VPN. Though this allows you access to resources, it does not apply group policies or run logon scripts.
I suspect the issue is that until you have logged in once to the domain, there are no cached credentials. Is it possible to set up a Windows VPN connection just long enough for one connection, or visit the site long enough to log on?

If not you can use a local non domain account, and then connect the VPN, however that negates any advantages of joining the domain, but it does allow access to reources.

0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
LVL 7

Expert Comment

by:LBizzle
ID: 24853571
System should not NEED to be connected to the network as the profile should be cached locally for instances just like this. So if the network goes down people can still accomplish some work being able to login locally.

Is the domain (Is primary Domain controller) Windows 2000 or 2003? Is the Machine XP?
0
 
LVL 7

Assisted Solution

by:LBizzle
LBizzle earned 1000 total points
ID: 24853628
RobWill is correct, one of the Options of the Cisco client is a check box to launch VPN client before logging in. In the Cisco client under Options is Windows Logon Properties, there is a check box to  Enable start before login.
0
 
LVL 1

Author Comment

by:Methodman85
ID: 25024132
Thank you both.
The login couldn't be cached since there has never been a successful login, the system was remotely added to the domain, therefore after reboot was the first actual login to the domain, that's why I needed the VPN connection beforehand.
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to deal with a specific error when using the Enable-RemoteMailbox cmdlet to create a mailbox in the cloud-based service, for an existing user in an on-premises Active Directory.
Will you be ready when the clock on GDPR compliance runs out? Is GDPR even something you need to worry about? Find out more about the upcoming regulation changes and download our comprehensive GDPR checklist today !
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Suggested Courses

571 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question