One of my clients have Windows 7 Pro based laptops that they use to access the company network via PPTP VPN connections. The VPN connections are provided by a Draytek 2820 router. The laptops are a mix of x86 and x64 architectures.
The issue is that when connected to the VPN the users cannot access drives mapped to DFS shares. When attempting to access a DFS share the users receive a "The user name could not be found" message. The users can connect to shared folders on the servers by using \\server\share.
The issue is caused by the Credential Manager that shows "*Session" when the VPN connection is active. If these credentials are manually removed from the Credential Manager then the user can access DFS shares no problem. However, the credentials re-appear on the next connection.
I know that some people have worked around this issue by editing the HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\DisableDomainCreds registry key, however, this client uses the BPOS suite and it seems that the Sign In Tool depends heavily on the credential manager. Setting this registry key stops the sign in tool working.
It seems that this is a fairly common problem that was introduced in Vista and still exists in Win 7.
Can anyone suggest a fix/workaround that won't have a negative impact on the BPOS sign in tool?