Not an option at this point. Too many off site users (hence the need
for the VPN) and no desire to manage local accounts. I'm going to hit
up Microsoft for an answer. If I get one other than, "you can't do
that", I'll let the list know.
Thanks for all your responses,
Scott
-----Original Message-----
From: Caeser Augustus [mailto:caeser.augustus (at) gmail (dot) com [email concealed]]
Sent: Thursday, December 09, 2004 5:26 AM
To: Wozny, Scott (US - New York)
Cc: marco2; focus-ms (at) securityfocus (dot) com [email concealed]
Subject: Re: Modifying default behaviour of MS VPN client
Would you be willing to completely disable CredentialCaching ?
On Wed, 8 Dec 2004 12:26:17 -0500, Wozny, Scott (US - New York)
<swozny (at) deloitte (dot) com [email concealed]> wrote:
> Yes it is. With that checked, it still allows users to clear the
> username and password and have the client retrieve the login
credentials
> from the cache. Also, we've made sure to uncheck 'automatically use
my
> user name and password' to no effect. It appears this just keeps the
> client from trying the login credentials by default, but still allows
> the user to clear their fields in the dialog which causes the client
to
> go back to the cache. Puzzling... I think the solution (if there is
> one) will be something lower level in a registry key that will likely
> have a name like 'DontRetrieveLoginCredentialsFromCache=1' or
something
> like that but my research into the MSKB hasn't yielded any such key.
>
> Any other suggestions would be greatly appreciated,
>
> Scott
>
>
>
>
> -----Original Message-----
> From: Marco Peretti [mailto:marcop (at) neovalens (dot) com [email concealed]] On Behalf Of marco2
> Sent: Wednesday, December 08, 2004 12:05 PM
> To: Wozny, Scott (US - New York); focus-ms (at) securityfocus (dot) com [email concealed]
> Subject: RE: Modifying default behaviour of MS VPN client
>
> Scott
>
> Is the option "Prompt for user name & password" in the Options tab
> checked?
>
> Cheers,
>
> Marco
>
> -----Original Message-----
> From: Wozny, Scott (US - New York) [mailto:swozny (at) deloitte (dot) com [email concealed]]
> Sent: Wednesday, December 08, 2004 4:24 PM
> To: focus-ms (at) securityfocus (dot) com [email concealed]
> Subject: Modifying default behaviour of MS VPN client
>
> I have a situation on my hands where users have no username and
password
> info in the MS VPN connection dialog but when they hit connect the
> client will use the username and password of the currently logged on
> user which grants them a successful authentication. Anyone know how
to
> disable this behaviour and require that the user explicitly enter
their
> username and password in the connection dialog for each VPN
connection?
>
> Thanks,
>
> Scott
>
> This message (including any attachments) contains confidential
> information intended for a specific individual and purpose, and is
> protected by law. If you are not the intended recipient, you should
> delete this message. Any disclosure, copying, or distribution of this
> message, or the taking of any action based on it, is strictly
> prohibited.
>
>
------------------------------------------------------------------------
> ---
>
> This message (including any attachments) contains confidential
information intended for a specific individual and purpose, and is
protected by law. If you are not the intended recipient, you should
delete this message. Any disclosure, copying, or distribution of this
message, or the taking of any action based on it, is strictly
prohibited.
>
>
------------------------------------------------------------------------
This message (including any attachments) contains confidential information intended for a specific individual and purpose, and is protected by law. If you are not the intended recipient, you should delete this message. Any disclosure, copying, or distribution of this message, or the taking of any action based on it, is strictly prohibited.
for the VPN) and no desire to manage local accounts. I'm going to hit
up Microsoft for an answer. If I get one other than, "you can't do
that", I'll let the list know.
Thanks for all your responses,
Scott
-----Original Message-----
From: Caeser Augustus [mailto:caeser.augustus (at) gmail (dot) com [email concealed]]
Sent: Thursday, December 09, 2004 5:26 AM
To: Wozny, Scott (US - New York)
Cc: marco2; focus-ms (at) securityfocus (dot) com [email concealed]
Subject: Re: Modifying default behaviour of MS VPN client
Would you be willing to completely disable CredentialCaching ?
On Wed, 8 Dec 2004 12:26:17 -0500, Wozny, Scott (US - New York)
<swozny (at) deloitte (dot) com [email concealed]> wrote:
> Yes it is. With that checked, it still allows users to clear the
> username and password and have the client retrieve the login
credentials
> from the cache. Also, we've made sure to uncheck 'automatically use
my
> user name and password' to no effect. It appears this just keeps the
> client from trying the login credentials by default, but still allows
> the user to clear their fields in the dialog which causes the client
to
> go back to the cache. Puzzling... I think the solution (if there is
> one) will be something lower level in a registry key that will likely
> have a name like 'DontRetrieveLoginCredentialsFromCache=1' or
something
> like that but my research into the MSKB hasn't yielded any such key.
>
> Any other suggestions would be greatly appreciated,
>
> Scott
>
>
>
>
> -----Original Message-----
> From: Marco Peretti [mailto:marcop (at) neovalens (dot) com [email concealed]] On Behalf Of marco2
> Sent: Wednesday, December 08, 2004 12:05 PM
> To: Wozny, Scott (US - New York); focus-ms (at) securityfocus (dot) com [email concealed]
> Subject: RE: Modifying default behaviour of MS VPN client
>
> Scott
>
> Is the option "Prompt for user name & password" in the Options tab
> checked?
>
> Cheers,
>
> Marco
>
> -----Original Message-----
> From: Wozny, Scott (US - New York) [mailto:swozny (at) deloitte (dot) com [email concealed]]
> Sent: Wednesday, December 08, 2004 4:24 PM
> To: focus-ms (at) securityfocus (dot) com [email concealed]
> Subject: Modifying default behaviour of MS VPN client
>
> I have a situation on my hands where users have no username and
password
> info in the MS VPN connection dialog but when they hit connect the
> client will use the username and password of the currently logged on
> user which grants them a successful authentication. Anyone know how
to
> disable this behaviour and require that the user explicitly enter
their
> username and password in the connection dialog for each VPN
connection?
>
> Thanks,
>
> Scott
>
> This message (including any attachments) contains confidential
> information intended for a specific individual and purpose, and is
> protected by law. If you are not the intended recipient, you should
> delete this message. Any disclosure, copying, or distribution of this
> message, or the taking of any action based on it, is strictly
> prohibited.
>
>
------------------------------------------------------------------------
> ---
>
------------------------------------------------------------------------
> ---
>
> This message (including any attachments) contains confidential
information intended for a specific individual and purpose, and is
protected by law. If you are not the intended recipient, you should
delete this message. Any disclosure, copying, or distribution of this
message, or the taking of any action based on it, is strictly
prohibited.
>
>
------------------------------------------------------------------------
---
>
------------------------------------------------------------------------
---
>
>
This message (including any attachments) contains confidential information intended for a specific individual and purpose, and is protected by law. If you are not the intended recipient, you should delete this message. Any disclosure, copying, or distribution of this message, or the taking of any action based on it, is strictly prohibited.
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
[ reply ]