RE: Modifying default behaviour of MS VPN client

From: Wozny, Scott (US - New York) (swozny_at_deloitte.com)
Date: 12/09/04

  • Next message: Peter Rodger: "Group policy help needed!!!" 
    Date: Thu, 9 Dec 2004 09:40:39 -0500
To: "Caeser Augustus" <caeser.augustus@gmail.com>

    Not an option at this point. Too many off site users (hence the need
    for the VPN) and no desire to manage local accounts. I'm going to hit
    up Microsoft for an answer. If I get one other than, "you can't do
    that", I'll let the list know.

    Thanks for all your responses,

    Scott

    -----Original Message-----
    From: Caeser Augustus [mailto:caeser.augustus@gmail.com]
    Sent: Thursday, December 09, 2004 5:26 AM
    To: Wozny, Scott (US - New York)
    Cc: marco2; focus-ms@securityfocus.com
    Subject: Re: Modifying default behaviour of MS VPN client

    Would you be willing to completely disable CredentialCaching ?

    On Wed, 8 Dec 2004 12:26:17 -0500, Wozny, Scott (US - New York)
    <swozny@deloitte.com> wrote:
    > Yes it is. With that checked, it still allows users to clear the
    > username and password and have the client retrieve the login
    credentials
    > from the cache. Also, we've made sure to uncheck 'automatically use
    my
    > user name and password' to no effect. It appears this just keeps the
    > client from trying the login credentials by default, but still allows
    > the user to clear their fields in the dialog which causes the client
    to
    > go back to the cache. Puzzling... I think the solution (if there is
    > one) will be something lower level in a registry key that will likely
    > have a name like 'DontRetrieveLoginCredentialsFromCache=1' or
    something
    > like that but my research into the MSKB hasn't yielded any such key.
    >
    > Any other suggestions would be greatly appreciated,
    >
    > Scott
    >
    >
    >
    >
    > -----Original Message-----
    > From: Marco Peretti [mailto:marcop@neovalens.com] On Behalf Of marco2
    > Sent: Wednesday, December 08, 2004 12:05 PM
    > To: Wozny, Scott (US - New York); focus-ms@securityfocus.com
    > Subject: RE: Modifying default behaviour of MS VPN client
    >
    > Scott
    >
    > Is the option "Prompt for user name & password" in the Options tab
    > checked?
    >
    > Cheers,
    >
    > Marco
    >
    > -----Original Message-----
    > From: Wozny, Scott (US - New York) [mailto:swozny@deloitte.com]
    > Sent: Wednesday, December 08, 2004 4:24 PM
    > To: focus-ms@securityfocus.com
    > Subject: Modifying default behaviour of MS VPN client
    >
    > I have a situation on my hands where users have no username and
    password
    > info in the MS VPN connection dialog but when they hit connect the
    > client will use the username and password of the currently logged on
    > user which grants them a successful authentication. Anyone know how
    to
    > disable this behaviour and require that the user explicitly enter
    their
    > username and password in the connection dialog for each VPN
    connection?
    >
    > Thanks,
    >
    > Scott
    >
    > This message (including any attachments) contains confidential
    > information intended for a specific individual and purpose, and is
    > protected by law. If you are not the intended recipient, you should
    > delete this message. Any disclosure, copying, or distribution of this
    > message, or the taking of any action based on it, is strictly
    > prohibited.
    >
    >
    ------------------------------------------------------------------------
    > ---
    >
    ------------------------------------------------------------------------
    > ---
    >
    > This message (including any attachments) contains confidential
    information intended for a specific individual and purpose, and is
    protected by law. If you are not the intended recipient, you should
    delete this message. Any disclosure, copying, or distribution of this
    message, or the taking of any action based on it, is strictly
    prohibited.
    >
    >
    ------------------------------------------------------------------------ 

    ---
>
------------------------------------------------------------------------
---
> 
>
This message (including any attachments) contains confidential information intended for a specific individual and purpose, and is protected by law.  If you are not the intended recipient, you should delete this message.  Any disclosure, copying, or distribution of this message, or the taking of any action based on it, is strictly prohibited.
---------------------------------------------------------------------------
---------------------------------------------------------------------------
  • Next message: Peter Rodger: "Group policy help needed!!!"

    Relevant Pages

    • [NEWS] Cisco VPN 5000 Client Multiple Vulnerabilities
      ... Multiple vulnerabilities exist in the Cisco Virtual Private Network (VPN) ... 5000 Client software. ... These vulnerabilities are documented as Cisco bug ID ... CSCdx17109 - MAC OS VPN 5000 Client password vulnerability ...
      (Securiteam)
    • Re: VPN clients unable to connect to other resources.
      ... gateway matches the IP of the remote client, and DNS and WINS point to the ... remote (although it takes close to a minute to connect, ... This is just regular Windows VPN, ... VPN server, remote routing and access running on the SBS 2003 server ...
      (microsoft.public.windows.server.sbs)
    • Re: RPC over HTTP for Outlook
      ... Outlook simply connects. ... It works when I have VPN but when using from Internet it just ... > asking for username and password and have tried various formats even same ... >> Did you setup the outlook client to use http to retriev emaail from ...
      (microsoft.public.windows.server.sbs)
    • RE: Slow VPN logon and Spuratic folder visibility
      ... I understand that the remote VPN client ... network configuration. ... the VPN client can access SBS fine? ... Slow VPN logon and Spuratic folder visibility ...
      (microsoft.public.windows.server.sbs)
    • RE: VPN timeouts
      ... I do not use ISA & was wondering if there is a configurable option on the ... You remote clients VPN connection will timeout while trying to connect SBS ... between remote client and SBS server which caused by lack of network ...
      (microsoft.public.windows.server.sbs)