Home | Troubleshooting |  Quick Setup  |  Cisco How to  |  Data Recovery  |  Forums   | Blog | IT Exam Practice | Services  | About Us | Chicagotech MVP  | Search  | Contact Us  |                 

 

Logon VPN

Can't run logon scripts - Can't access roaming profiles and home folders
Can't run logon script by using VPN
How to authenticate a remote client to the DC
How to limit VPN user logon time
VPN logon using NT logon ID and password

Can't run logon scripts - Can't access roaming profiles and home folders

Symptoms: 1. When a VPN client, he can't run the logon scripts and can't access to group policies, roaming profiles, and home folders.
2. You may receive the following event: Event ID 5719 - No Windows NT or Windows 2000 domain controller is available for domain {domain name} the following error occurred: There are currently no logon servers available to service the logon request.
3. When checking the ipconfig, you may find that the client is configured to use p-node or m-node for NetBIOS name resolution. Note: This node type may have been set manually, or through a Dynamic Host Configuration Protocol (DHCP) lease that sets DHCP option 46.

Resolutions: This problem is a result of a timing issue that prevents the RAS client from locating a logon server.
1. Apply latest SP.
2. You can work around this problem by using hybrid mode.

Can't run logon script by using VPN

Symptoms: When trying to log on to a domain from a w2k/xp VPN client, you may not be able to run logon script and access to group policies, roaming profiles, and home folders. The following event may also be logged in the System event log: "Event ID 5719
No Windows NT or Windows 2000 domain controller is available for domain {domain name} the following error occurred: There are currently no logon servers available to service the logon request." This problem occurs only if the client is configured to use p-node or m-node for NetBIOS name resolution. This node type may have been set manually, or through a Dynamic Host Configuration Protocol (DHCP) lease that sets DHCP option 46.

Resolutions: 1) You can run regedit to change the mode to hybrid mode NetBIOS name resolution.
2) Or download the latest service pack for Windows 2000.

How to authenticate a remote client to the DC

1. Setup site to site VPN.
2. Use log on using Dial-Up connection.

How to limit VPN user logon time

1. If you have domain control, setup Logon Hours under AD Users and Computers
2. Use Remote Access Policy to setup access time (see attached).
3. Use net user command line to restrict logon hour.

VPN logon using NT logon ID and password

To let a user logon from VPN using the same NT logon ID and password, you can 1) setup the VPN user ID and password same as NT ID and password; 2) you can authenticate to a Radius and then point to the NT domain server for PPTP user authentication.

 

 

Hit Counter   This web is provided "AS IS" with no warranties.
Copyright © 2002-2018 ChicagoTech.net, All rights reserved. Unauthorized reproduction forbidden.