RE: Modifying default behaviour of MS VPN client

From: Raoul Armfield (armfield_at_amnh.org)
Date: 12/08/04

  • Next message: Caeser Augustus: "Re: Modifying default behaviour of MS VPN client" 
    To: "'Wozny, Scott (US - New York)'" <swozny@deloitte.com>, "'marco2'" <marco2@neovalens.com>, <focus-ms@securityfocus.com>
Date: Wed, 8 Dec 2004 15:01:02 -0500

    Not certain but would it have something to do with the Local Security
    options - InteractiveLogon: Number of previous logons to cache? Maybe if
    you set that to 0 it will solve this problem. Surely you can even fix this
    through a group policy.

    Raoul

    :-----Original Message-----
    :From: Wozny, Scott (US - New York) [mailto:swozny@deloitte.com]
    :Sent: Wednesday, December 08, 2004 12:26 PM
    :To: marco2; focus-ms@securityfocus.com
    :Subject: RE: Modifying default behaviour of MS VPN client
    :
    :Yes it is. With that checked, it still allows users to clear the
    :username and password and have the client retrieve the login
    :credentials
    :from the cache. Also, we've made sure to uncheck 'automatically use my
    :user name and password' to no effect. It appears this just keeps the
    :client from trying the login credentials by default, but still allows
    :the user to clear their fields in the dialog which causes the client to
    :go back to the cache. Puzzling... I think the solution (if there is
    :one) will be something lower level in a registry key that will likely
    :have a name like 'DontRetrieveLoginCredentialsFromCache=1' or something
    :like that but my research into the MSKB hasn't yielded any such key.
    :
    :Any other suggestions would be greatly appreciated,
    :
    :Scott
    :
    :
    :-----Original Message-----
    :From: Marco Peretti [mailto:marcop@neovalens.com] On Behalf Of marco2
    :Sent: Wednesday, December 08, 2004 12:05 PM
    :To: Wozny, Scott (US - New York); focus-ms@securityfocus.com
    :Subject: RE: Modifying default behaviour of MS VPN client
    :
    :
    :Scott
    :
    :Is the option "Prompt for user name & password" in the Options tab
    :checked?
    :
    :Cheers,
    :
    :Marco
    :
    :-----Original Message-----
    :From: Wozny, Scott (US - New York) [mailto:swozny@deloitte.com]
    :Sent: Wednesday, December 08, 2004 4:24 PM
    :To: focus-ms@securityfocus.com
    :Subject: Modifying default behaviour of MS VPN client
    :
    :I have a situation on my hands where users have no username
    :and password
    :info in the MS VPN connection dialog but when they hit connect the
    :client will use the username and password of the currently logged on
    :user which grants them a successful authentication. Anyone know how to
    :disable this behaviour and require that the user explicitly enter their
    :username and password in the connection dialog for each VPN connection?
    :
    :Thanks,
    :
    :Scott
    :
    :
    :
    :
    :
    :
    :
    :
    :
    :
    :
    :
    :
    :
    :
    :
    :
    :
    :
    :
    :
    :
    :
    :
    :
    :
    :
    :
    :
    :
    :
    :
    :This message (including any attachments) contains confidential
    :information intended for a specific individual and purpose, and is
    :protected by law. If you are not the intended recipient, you should
    :delete this message. Any disclosure, copying, or distribution of this
    :message, or the taking of any action based on it, is strictly
    :prohibited.
    :
    :---------------------------------------------------------------
    :---------
    :---
    :---------------------------------------------------------------
    :---------
    :---
    :
    :
    :
    :This message (including any attachments) contains confidential
    :information intended for a specific individual and purpose,
    :and is protected by law. If you are not the intended
    :recipient, you should delete this message. Any disclosure,
    :copying, or distribution of this message, or the taking of any
    :action based on it, is strictly prohibited.
    :
    :---------------------------------------------------------------
    :------------
    :---------------------------------------------------------------
    :------------
    :
    :

    ---------------------------------------------------------------------------
    ---------------------------------------------------------------------------

  • Next message: Caeser Augustus: "Re: Modifying default behaviour of MS VPN client"

    Relevant Pages

    • Re: WOW - Changing Network Subnet on SBS2003 Got me crazy
      ... I can only see my computer/ or the client I log on with in network ... > cache, clear nbtstat cache, cleared dns cache all along the way... ... > pickup exchange e-mail from the SBS 2003 server, ... > ping all office machines by name from vpn client ...
      (microsoft.public.windows.server.sbs)
    • RE: Modifying default behaviour of MS VPN client
      ... username and password and have the client retrieve the login credentials ... go back to the cache. ... Modifying default behaviour of MS VPN client ... I have a situation on my hands where users have no username and password ...
      (Focus-Microsoft)
    • lame server messages in named.log
      ... Mar 30 05:42:30.526 security: info: client 202.52.250.176#1052: ... query (cache) denied ...
      (RedHat)
    • lame server messages in named.log
      ... Mar 30 05:42:30.526 security: info: client 202.52.250.176#1052: ... query (cache) denied ...
      (RedHat)
    • Re: Datasets fundamental
      ... client the way they want. ... loading from the Database into this "cache" and you want to update on a ... another option is using SQL 2005 Express and having it ... You then move from a custom "cache" solution to a normal replication type of ...
      (microsoft.public.dotnet.framework.adonet)
    • Quantcast