[ previous ] [ next ] [ threads ]
 From:  "Roy Walker" <rwalker at miracomnetwork dot com>
 To:  "sylikc" <sylikc at gmail dot com>
 Cc:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] PPTP -> Windows Clients problems
 Date:  Fri, 10 Sep 2004 13:52:52 -0500
Yes the laptop users are logging on with cached domain credentials.  We
don't use WINS at all.  We have active directory and use DNS for all
name resolution.

I am still puzzled as to what the UPD traffic that I see blocked is from
the DC to the PPTP clients.  It has no port number yet it is between 2
IP addresses not a broadcast address.


-----Original Message-----
From: sylikc [mailto:sylikc at gmail dot com] 
Sent: Friday, September 10, 2004 1:43 PM
To: Roy Walker
Cc: m0n0wall at lists dot m0n0 dot ch
Subject: Re: [m0n0wall] PPTP -> Windows Clients problems


> I am assuming so.  With machines that are not part of the domain and
> such don't try to authenticate to the DC's there is not problem
> connecting to the shares.  For laptop users which are part of the
> domain, I would assume they would try to authenticate to the DC and
> being blocked.
When you are away from your domain and using PPTP to access internal
network resources, what are you logged on as on your laptop?  Are you
logging on as a domain user using cached credentials?

> Do you have a fix for this?
On my mobile hosts, I log in as a local user and have XP transmit my
logon credentials only when connecting to my domain resources.  I
haven't had a problem with it, and I'm even running SP2 on some.

Recently though on one of my XP SP2 hosts I've gotten the really
ambiguous error saying that there are no logon servers found, etc
etc... I've read a few articles and it's like window's all-in-one
error which anything could've gone wrong.  I did some research and
read a few articles today about WINS and maybe that will help my
remote hosts "find" the PDC.

So I'm not sure I really have a solution for you.  All I find is that
when a mobile client can't see the PDC, all hell breaks loose >_<