Archived from groups: microsoft.public.win2000.security (
More info?)
Is there a way to cause your VPN client to not automatically
provide credentials, but to instead make you go through a
prompt based authentication? In the MS VPN client this is
a checkbox in the properties of the VPN connectiod.
It seems that the issue is that you are changing the password
while at work logged into the domain, and your work's VPN
solution is authenticating based on Windows domain accounts.
Hence, you can log into the home machine with the cached
domain account, using old password, but this of course does
not work with the VPN access (and also locks the domain
account in the process). If you can get past that VPN login
then you should have a chance that the cached login can be
updated (maybe?) but this may be most simple by forcing
with another password change after connecting. For that to
happen however, the only way you can have a chance is if
you can provide login info to the VPN server other than what
your VPN client would automatically provide from your
logon credentials.
--
Roger Abell
Microsoft MVP (Windows Security)
MCSE (W2k3,W2k,Nt4) MCDBA
"nee" <nee@discussions.microsoft.com> wrote in message
news:89DC6167-F94E-4BC5-9271-3F51C3946C3E@microsoft.com...
> Thanks for your info Danny. But my problem is a kind of catch-22 since I
> have two machines at home. So, I logon locally to machine #1 with
original
> pw ("a") and connect via VPN to the office and do a ctrl+alt+del to change
pw
> from "a" to "b". Then I logon locally to machine #2 with original pw
("a")
> and connect via VPN. But before I can do a ctrl+alt+del, I'm usually
already
> locked out. The crux of the problem is not being able to change the pw
> locally (unless you know how) before actually connecting to the Office
> Network, so that they match and I don't get locked out.
>
> "Danny Sanders" wrote:
>
> > Hit ctrl - alt - del and click change password.
> >
> > hth
> > DDS W 2k MVP MCSE
> >
> > "nee" <nee@discussions.microsoft.com> wrote in message
> > news:24C05551-39CA-402E-A669-CB99F53139EC@microsoft.com...
> > >I have two home machines that connect to the office via a VPN client
over
> > > DSL. My office has a Domain lockout policy enabled after three bad pw
> > > attempts and enforces pw changes every 3 months. When I'm forced to
> > > change
> > > pw's I get locked out of the office Domain when connecting from home
since
> > > I'm only able to logon to Win2K (locally) using my old pw before
actually
> > > connecting to the office (which already has my new pw).
> > > Is there a place/way I can change the old pw locally to match my new
pw
> > > before connecting to the Network?
> > >
> > > Thanks
> >
> >
> >