Vista VPN users will be prompted to input
credentials when accessing the local mapped drive
Symptom: the Vista users will be prompted to input
credentials when attempting
to access the local mapped drive, Sharepoint site (on local domain network)
after they established the PPTP VPN connections to other domain. If I have
misunderstood about your concern, feel free to let me know.
Troubleshooting: it appears that the problem we are facing is that
while accessing share (mapped drive) when laptop is connected through VPN,
the VPN credentials are used to access mapped drive other than the current
logon account. So, deleting VPN credentials (cmdkey /delete /ras) from
credential manager can make it worked.
1. After establishing the VPN connection, please try to use the FQDN (E.X:
\\hostname.domain.com\share)
of the server share on local domain rather
than the short name to access the local resources. Please check it will
still prompt for the username and passwords.
2. If it works after using FQDN, please disconnect and recreate the mapped
drive via the FQDN for the sever share in question to see if the map drive
can keep connected status.
NOTE: The reason of doing above tests is that in Vista there is a change to
NTLM to behave exactly like Kerberos when it comes to credentials from
Credential Manager. The Credential Manager will not give back the RAS
credential if it can determine that the target supplied is in the current
user domain. In the case of short name, there is no information to know
which domain the target belongs to, so the default RAS credential is
returned. It is by design in order to make the use of VPN more seemless for
the users. However, when using FQDN, the dialup (VPN) credential is not
used by design and we can test it in our situation to see if it helps.
4. Please also ensure the following update has been installed on all the
Vista machines:
