Adding A System connected via VPN to domain.

Posted on 2009-07-14
Last Modified: 2012-05-07
I have a system that I added to my domain over a VPN connection. It successfully added, but after restart when I try to login to a domain account, it says it cannot locate a domain controller (makes since since I can't run the VPN client to connect to my network until I'm actually logged into the computer) Is there a way around this? Or does the system actually need to be physically connected to my network first?
Question by:Methodman85
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
  • 2
LVL 77

Accepted Solution

Rob Williams earned 250 total points
ID: 24851602
Once the computer has joined a domain, there is a check box option in the logon box that allows for a dial-up connection. If you are using a Windows VPN check that box and during logon and you will be presented with a list of dial-up and/or VPN connections. Choose the appropriate VPN connection, and it will connect and authenticate before logging into the PC so that the domain is present at logon, allowing for group policy to be applied, and logon scripts executed.

Author Comment

ID: 24851818
And if it's not a Windows based VPN?
LVL 77

Expert Comment

by:Rob Williams
ID: 24851973
That option only works with Windows VPN client.
Seems to me Cisco has a similar option, though it works differently, but it is the only other I know of.

However, normally you can log onto the PC using cached credentials, and then connect the VPN. Though this allows you access to resources, it does not apply group policies or run logon scripts.
I suspect the issue is that until you have logged in once to the domain, there are no cached credentials. Is it possible to set up a Windows VPN connection just long enough for one connection, or visit the site long enough to log on?

If not you can use a local non domain account, and then connect the VPN, however that negates any advantages of joining the domain, but it does allow access to reources.

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.


Expert Comment

ID: 24853571
System should not NEED to be connected to the network as the profile should be cached locally for instances just like this. So if the network goes down people can still accomplish some work being able to login locally.

Is the domain (Is primary Domain controller) Windows 2000 or 2003? Is the Machine XP?

Assisted Solution

LBizzle earned 250 total points
ID: 24853628
RobWill is correct, one of the Options of the Cisco client is a check box to launch VPN client before logging in. In the Cisco client under Options is Windows Logon Properties, there is a check box to  Enable start before login.

Author Comment

ID: 25024132
Thank you both.
The login couldn't be cached since there has never been a successful login, the system was remotely added to the domain, therefore after reboot was the first actual login to the domain, that's why I needed the VPN connection beforehand.

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article shows the method of using the Resultant Set of Policy Tool to locate Group Policy that applies a particular setting.
Let's recap what we learned from yesterday's Skyport Systems webinar.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question