NT Domain Login via Cisco IPSec Client

[Pete Davis]

The Cisco VPN Client v3.x supports "Start Before Login".

Start Before Login allows you to connect up with the VPN client prior to 
logging in to your machine (NT/W2K/XP) so that you don't have to use cached 
credentials and login scripts will run.

Regards,
-pete

On Sun, Jun 03, 2001 at 09:42:07PM -0500, Tina Bird wrote:
> Configure your NT box to ask for a domain login when it
> boots up.  Go ahead and enter username, domain and password.
> You'll get an error message, but unless you have specifically
> configured the registry to >NOT< cache the last set of security
> identifiers (which NT does by default), it gets stored.
> Then bring up your VPN.  When you try to connect to domain
> network resources, the domain controller verifies access
> privileges based on that cached information.
> 
> Blick.  At one point I had written down which registry key to
> edit to prevent this behavior -- cos' it basically means that
> someone can access domain resources without running your login
> scripts -- but I don't seem to have that post-it note any more.
> Anyone out there remember what it is?
> 
> cheers -- tbird
> 
> On Wed, 25 Apr 2001 Patrick.Bryan at ABBOTT.COM wrote:
> 
> > Date: Wed, 25 Apr 2001 12:07:19 -0500
> > From: Patrick.Bryan at ABBOTT.COM
> > To: VPN at SECURITYFOCUS.COM
> > Subject: NT Domain Login via Cisco IPSec Client
> > 
> > Anyone have any information on how to authenticate to a NT Domain upon bootup
> > using the Cisco IPSec client? This would be for a Cable / DSL connection..
> > 
> > Thanks.....
> > 
> > VPN is sponsored by SecurityFocus.COM
> > 
> 
> VPN:  http://kubarb.phsx.ukans.edu/~tbird/vpn.html
> life: http://kubarb.phsx.ukans.edu/~tbird
> work: http://www.counterpane.com
> 
> 
> VPN is sponsored by SecurityFocus.com

---
     Pete Davis - Product Manager <psd at cisco.com>  (508) 541-7300 x6154
         Cisco Systems, Inc.  - 38 Forge Park   Franklin, MA 02038


VPN is sponsored by SecurityFocus.com