CMAK and "Automatically Use Windows Logon name and Password"

I've been trying to build a VPN "installer" that I can deliver via group policy, but I've hit a snag with CMAK.  CMAK will work almost perfectly, I just cant find a way to enable the  "Automatically Use Windows Logon name and Password" option.  Does anyone know if this is possible?
Mach03Asked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
Rob WilliamsConnect With a Mentor Commented:
Though I have used CMAK and blogged about it, I confess I have never tried saving the user name and password.  There are security issues with doing so, and users generally have to use the same VPN credentials as domain file access credentials due to the fact that a server will not allow multiple credentials to access resources simultaneously, from the same computer.  Therefore you would either need to create 1 deployable client for each user, or have all users access the server with the same credentials.  The later might even be a CAL licensing violation.

Having said that, you are supposed to be able to do so by creating your deployable client using CMAK, then in the folder created, use a text editor to edit the .cmp file.  
In the .cmp file there will be a section similar to:

    [Connection Manager]
    CMSFile=FolderName\FileName.cms  

Below that add:

    UserName=JohnDoe
    Password=MyPassword
    RememberPassword=1    (should not be needed)
    HideUserName=1   (optional – test first without this switch)
    HidePassword=1     (optional – test first without this switch)

However I have heard of people having problems with the password feature not working.  This may be due to policies or features on the specific computer using the client, relating to saving passwords.

Details and syntax for editing the .cmp file can be found 1/3 of the way down the following page.
http://technet.microsoft.com/en-us/library/cc939869.aspx
0
 
Mach03Author Commented:
After reading a few articles, the option has been removed for Windows 2008.  They are suggesting that it's not secure to have the user use the same username and password as the logged in user.   Don't really see the issue, but whatever.
0
 
Rob WilliamsCommented:
>>" it's not secure to have the user use the same username and password as the logged in user."
I would disagree with that.  It is common to configure  log onto VPN before local logon so you are truly authenticating to the domain.

However it is a security risk to store the password in CMAK as it is in clear text.

Thanks Mach03
0
All Courses

From novice to tech pro — start learning today.