Home | Site Map | Cisco How To Net How To | Wireless | Search | Forums | Services | Setup Guide | Chicagotech MVP | About Us | Contact Us|

Bob Lin Photography services

Real Estate Photography services 

Logon VPN

Can't run logon scripts - Can't access roaming profiles and home folders
Can't run logon script by using VPN
How to authenticate a remote client to the DC
How to limit VPN user logon time
Q & A: Use dial-up connection to VPN doesn't work
VPN logon using NT logon ID and password

Can't run logon scripts - Can't access roaming profiles and home folders

Symptoms: 1. When a VPN client, he can't run the logon scripts and can't access to group policies, roaming profiles, and home folders.
2. You may receive the following event: Event ID 5719 - No Windows NT or Windows 2000 domain controller is available for domain {domain name} the following error occurred: There are currently no logon servers available to service the logon request.
3. When checking the ipconfig, you may find that the client is configured to use p-node or m-node for NetBIOS name resolution. Note: This node type may have been set manually, or through a Dynamic Host Configuration Protocol (DHCP) lease that sets DHCP option 46.

Resolutions: This problem is a result of a timing issue that prevents the RAS client from locating a logon server.
1. Apply latest SP.
2. You can work around this problem by using hybrid mode.

Can't run logon script by using VPN

Symptoms: When trying to log on to a domain from a w2k/xp VPN client, you may not be able to run logon script and access to group policies, roaming profiles, and home folders. The following event may also be logged in the System event log: "Event ID 5719
No Windows NT or Windows 2000 domain controller is available for domain {domain name} the following error occurred: There are currently no logon servers available to service the logon request." This problem occurs only if the client is configured to use p-node or m-node for NetBIOS name resolution. This node type may have been set manually, or through a Dynamic Host Configuration Protocol (DHCP) lease that sets DHCP option 46.

Resolutions: 1) You can run regedit to change the mode to hybrid mode NetBIOS name resolution.
2) Or download the latest service pack for Windows 2000.

How to authenticate a remote client to the DC

1. Setup site to site VPN.
2. Use "Log on using Dial-Up connection".

How to limit VPN user logon time

1. If you have domain control, setup Logon Hours under AD Users and Computers
2. Use Remote Access Policy to setup access time (see attached).
3. Use net user command line to restrict logon hour.

VPN logon using NT logon ID and password

To let a user logon from VPN using the same NT logon ID and password, you can 1) setup the VPN user ID and password same as NT ID and password; 2) you can authenticate to a Radius and then point to the NT domain server for PPTP user authentication.

 

 

Bob Lin Photography services

Real Estate Photography services 

  This web is provided "AS IS" with no warranties.
Copyright 2002-2017 ChicagoTech.net, All rights reserved. Unauthorized reproduction forbidden.