Problems with VPN and Windows Network Shares

Unanswered Question
Apr 24th, 2007

I'm in the middle of a Windows domain migration and I've setup the two way trust for the domains.


Cisco VPN clients authenticate against the old domain.


A user with an account in the new domain and whos laptop is joined to the new domain (also has a user account in the old domain) can connect to the VPN but is asked for Windows authentication when they connect to a network share in either domain.


Users whos account/laptop are in the old domain don't have this issue.


Any ideas or suggestions?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
carenas123 Mon, 04/30/2007 - 09:56

This may happens because broadcasts do not go through an IPSec tunnel.


Browsing Network Neighborhood is a function of the Microsoft browsing service. Any problems are usually because the PC or master browsers do not function properly. Network Neighborhood is officially not supported. However, it works if configured correctly. Browsing Network Neighborhood works by obtaining the browse list from either a master or backup browser. This list is obtained locally on your LAN by using NetBIOS Broadcasts to locate domain browsers.



Inorder to resove this :

Make sure you have NetBIOS over TCP enabled on the adapter that you use to connect to the domain.


Refer this related links:

http://www.cisco.com/en/US/products/sw/secursw/ps2308/products_tech_note09186a0080194b4a.shtml


incipienttech Thu, 05/03/2007 - 10:01

I think I found the problem.


When I changed the Base Group's DNS to the AD server's DNS, I'm able to get a kerberos ticket.


Thanks for your help

Actions

This Discussion