Solved

CMAK and "Automatically Use Windows Logon name and Password"

Posted on 2013-06-25
3
1,291 Views
Last Modified: 2014-03-27
I've been trying to build a VPN "installer" that I can deliver via group policy, but I've hit a snag with CMAK.  CMAK will work almost perfectly, I just cant find a way to enable the  "Automatically Use Windows Logon name and Password" option.  Does anyone know if this is possible?
0
Comment
Question by:Mach03
  • 2
3 Comments
 
LVL 77

Accepted Solution

by:
Rob Williams earned 500 total points
ID: 39277914
Though I have used CMAK and blogged about it, I confess I have never tried saving the user name and password.  There are security issues with doing so, and users generally have to use the same VPN credentials as domain file access credentials due to the fact that a server will not allow multiple credentials to access resources simultaneously, from the same computer.  Therefore you would either need to create 1 deployable client for each user, or have all users access the server with the same credentials.  The later might even be a CAL licensing violation.

Having said that, you are supposed to be able to do so by creating your deployable client using CMAK, then in the folder created, use a text editor to edit the .cmp file.  
In the .cmp file there will be a section similar to:

    [Connection Manager]
    CMSFile=FolderName\FileName.cms  

Below that add:

    UserName=JohnDoe
    Password=MyPassword
    RememberPassword=1    (should not be needed)
    HideUserName=1   (optional – test first without this switch)
    HidePassword=1     (optional – test first without this switch)

However I have heard of people having problems with the password feature not working.  This may be due to policies or features on the specific computer using the client, relating to saving passwords.

Details and syntax for editing the .cmp file can be found 1/3 of the way down the following page.
http://technet.microsoft.com/en-us/library/cc939869.aspx
0
 

Author Comment

by:Mach03
ID: 39328412
After reading a few articles, the option has been removed for Windows 2008.  They are suggesting that it's not secure to have the user use the same username and password as the logged in user.   Don't really see the issue, but whatever.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 39328560
>>" it's not secure to have the user use the same username and password as the logged in user."
I would disagree with that.  It is common to configure  log onto VPN before local logon so you are truly authenticating to the domain.

However it is a security risk to store the password in CMAK as it is in clear text.

Thanks Mach03
0

Featured Post

Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Cisco ASA VPN Client Routing 8 41
LOGINSERVER and nltest /dsgetdc 3 40
URGENT: Re-install Windows 10 using same license? 18 75
Updating Group Policy over a PPTP VPN 21 34
Issue: One Windows 2008 R2 64bit server on the network unable to connect to a buffalo Device (Linkstation) with firmware version 1.56. There are a total of four servers on the network this being one of them. Troubleshooting Steps: Connect via h…
When you start your Windows 10 PC and got an "Operating system not found" error or just saw  "Auto repair for startup" or a blinking cursor with black screen. A loop for Auto repair will start but fix nothing.  You will be panic as there are no back…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

832 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question