Metal Guitarist Forums banner
1 - 6 of 6 Posts

·
Read Only
Joined
·
10 Posts
Discussion Starter · #1 ·
I have a machine here that I'm logged into as administrator. I'm connected to my work's network via VPN, and am able to join the machine to the domain.

I want to create a domain user profile on the machine, eg DOMAIN\myname, so that I can log in with it and install single user stuff. However, I can't do that if I'm not connected to the domain.

My VPN client (Cisco) doesn't support connecting before login, so is there another way that I can manually make the domain user and cache the login info, so that I can login to the domain with my user details before connecting to the actual AD controller?
 

·
Registered
Joined
·
34 Posts
Been a while but I think that you have to go through the authentication/verification process against the Domain Controller in an Active Directory environment. I believe that with administrative privileges you can create a cached profile on the local machine which you can log into when not connected to the domain but you have to be logged into the domain at the time you create it. This may help Managing User Profiles but if I am way off in left field from where you're trying to be, let me know and I'll adjust my feedback.
 

·
Read Only
Joined
·
10 Posts
Discussion Starter · #3 ·
I actually managed to get this to work. :D

This may seem useless, but it's actually pretty handy if you (like me, right now) need to remotely rebuild a machine that requires a domain login. While logged in as Administrator and connected to the DC via VPN, I added mydomain\me to the Administrator's group, and then used my domain credentials to authenticate when checking the name.

That seemed to be enough to cache my login information, so I was able to logout (disconnect) and login to the machine as domain\myname, even though it's not actually connected up. Windows created the new user profile correctly and I'm good to go. :yesway:
 

·
Bro of Bros, Bro.
Joined
·
15,373 Posts
I was thinking that it should cache your login info, but I was wondering how you got the machine on the domain before creating a profile?
 

·
Banned
Joined
·
21,673 Posts
I was thinking that it should cache your login info, but I was wondering how you got the machine on the domain before creating a profile?
Presumably Chris' Cisco client is IPSec, which creates a virtual NIC on the machine. At that point, once the connection's made, the machine thinks it's physically attached to the network, and thus you can join the domain. This'll sometimes work, sometimes not, depending upon how you've got the VPN concentrator configured in terms of what subnet/IP scheme is chosen.
 

·
Read Only
Joined
·
10 Posts
Discussion Starter · #6 ·
^ Yep, exactly. The machine's restriction is by MAC, so though it was a fresh XP install, the MAC of my NIC matched what was in the allowed hosts table, so I could at least auth to the domain and add my machine.

The fact that I could cache my user credentials (and thus, build the user profile) was huge. We all know how... fussy... software can be if it's installed under one user (eg: local\me) and then accessed by another (domain\me).
 
1 - 6 of 6 Posts
Top