Hi,
We have a Windows 2000 Mixed Mode domain. We are using Nortel Connectivity switch to allow internet users to VPN into our network.
When users connect from the internet using the Nortel VPN client, it seems like they are using CACHED CREDENTIALS. I say this because they are not running logon scripts and because they get prompted for authentication when they try to connect to NT 4.0 servers. (I assume this is because they are using Kerabos authentication which works for authenticating to 2K servers but NT 4.0 uses old style authentication. Therefore, they have to enter user name and password to connect the 4.0 servers.)
Anyway, because I feel the client is not being truely authenticated to the domain, I feel that Windows 2000 policies are not being applied either.
The Nortel client says that after getting the VPN established, we should then hit CTL-ALT-DEL, logout and then log back into the domain. However, a business decision was made that they only want to use a single login. They feel having to logout and log back in, is too hard for the end users.
Any suggestions how to get truely authenticated to the Windows 2000 domain in a single logon? By the way, all clients are 2k/XP
Thanks.. Joseph L. Poandl
MCSE 2000
If your company is in need of experts to examine technical problems/solutions, please check out
We have a Windows 2000 Mixed Mode domain. We are using Nortel Connectivity switch to allow internet users to VPN into our network.
When users connect from the internet using the Nortel VPN client, it seems like they are using CACHED CREDENTIALS. I say this because they are not running logon scripts and because they get prompted for authentication when they try to connect to NT 4.0 servers. (I assume this is because they are using Kerabos authentication which works for authenticating to 2K servers but NT 4.0 uses old style authentication. Therefore, they have to enter user name and password to connect the 4.0 servers.)
Anyway, because I feel the client is not being truely authenticated to the domain, I feel that Windows 2000 policies are not being applied either.
The Nortel client says that after getting the VPN established, we should then hit CTL-ALT-DEL, logout and then log back into the domain. However, a business decision was made that they only want to use a single login. They feel having to logout and log back in, is too hard for the end users.
Any suggestions how to get truely authenticated to the Windows 2000 domain in a single logon? By the way, all clients are 2k/XP
Thanks.. Joseph L. Poandl
MCSE 2000
If your company is in need of experts to examine technical problems/solutions, please check out