NT Domain Login via Cisco IPSec Client
Tina Bird
tbird at precision-guesswork.com
Sun Jun 3 22:42:07 EDT 2001
Configure your NT box to ask for a domain login when it
boots up. Go ahead and enter username, domain and password.
You'll get an error message, but unless you have specifically
configured the registry to >NOT< cache the last set of security
identifiers (which NT does by default), it gets stored.
Then bring up your VPN. When you try to connect to domain
network resources, the domain controller verifies access
privileges based on that cached information.
Blick. At one point I had written down which registry key to
edit to prevent this behavior -- cos' it basically means that
someone can access domain resources without running your login
scripts -- but I don't seem to have that post-it note any more.
Anyone out there remember what it is?
cheers -- tbird
On Wed, 25 Apr 2001 Patrick.Bryan at ABBOTT.COM wrote:
> Date: Wed, 25 Apr 2001 12:07:19 -0500
> From: Patrick.Bryan at ABBOTT.COM
> To: VPN at SECURITYFOCUS.COM
> Subject: NT Domain Login via Cisco IPSec Client
>
> Anyone have any information on how to authenticate to a NT Domain upon bootup
> using the Cisco IPSec client? This would be for a Cable / DSL connection..
>
> Thanks.....
>
> VPN is sponsored by SecurityFocus.COM
>
VPN: http://kubarb.phsx.ukans.edu/~tbird/vpn.html
life: http://kubarb.phsx.ukans.edu/~tbird
work: http://www.counterpane.com
VPN is sponsored by SecurityFocus.com
More information about the VPN
mailing list