new PC on domain and user on new PC without direct network access

Here's the situation and any and all suggestions are greatly appreciated.
I apologize if this is not the correct forum.

Our company uses Windows XP Pro and AD 2000. We support a large number of
people who do not have corporate network access. Many of these people are
hired in the field and never step foot inside our buildings. Our people
typically have Internet access available to them and we do provide a select
handful of vpn offerings for them.
We hire new users in the field and send them a brand new PC with a corporate
image installed by the PC manufacturer. Our new users are directed to add
their computer to the domain as soon as they receive their computer.
We accomplish this using a local account with admin rights and one of our
VPN tools to connect to the corporate network and then follow the normal
steps to add the machine to the domain. This part works quite well.
Now that our machine is on the domain we want that new user to abandon the
local account and use their own domain account.
Here is the problem.
A new user cannot log in to a computer the very first time when the machine
is not connected to the corporate network. Plus, our vpn vendors are
reporting Vista will not support starting vpn before Vista starts so it does
not appear the solution will be found with a vpn product.
We were thinking we might be able to log on to a machine in the help desk
with the new user credentials then copy that profile to the newly imaged
machine in the field. If we could push the profile, including cached
credentials, to the new machine just after it has been added to the domain
our problems might be solved. Obviously we have not been successful to date.
We are also thinking we can't be the only company to have this problem so we
are likely missing something obvious.
We are certainly open to any and all suggestions and your suggestions are
always welcome and very appreciated.
.

Relevant Pages

  • Re: ISP Blocking Access to External Port 25
    ... > Use a VPN to your corporate mailserver. ... > because your companies internal email and passwords are likely ... > SSL encrypt SMTP and POP itself but it's actually easier just to create ... > a VPN to your corporate network for all traffic from the home system, ...
    (comp.os.linux.misc)
  • Re: Configuring an automatic or permanent VPN on XP
    ... another connection to active directory... ... and I would prefer the entire VPN to be invisible to our users. ... IPSEC to protect the domain controller from unauthorized machines... ... laptops to connect to the corporate network, ...
    (microsoft.public.windowsxp.network_web)
  • Re: new PC on domain and user on new PC without direct network access
    ... number of people who do not have corporate network access. ... them and we do provide a select handful of vpn offerings for them. ... abandon the local account and use their own domain account. ... vendors are reporting Vista will not support starting vpn before ...
    (microsoft.public.windowsxp.security_admin)
  • Re: MS Office Web Access - How to stop
    ... I am usually connected to my Corporate network ... Every time I attempt to use the help function or other menu ... When on a laptop, this slows things down, when on VPN - I have to log ... our firewall and wait forever (network time lag) to get the ...
    (microsoft.public.office.misc)
  • Re: Roaming profiles and logon rights
    ... Each user has a click to allow then dial in permissions. ... User permissions for the roaming profile question. ... >ok even installing and using VPN. ... >the new user cannot logon any workstation on the network. ...
    (microsoft.public.backoffice.smallbiz2000)
Loading