Users with cached credentials can successfully log onto the local machine
and establish the VPN connection to the server. However, the "Log on using
dial-up connection" option at the Windows Logon screen fails with a 691
access denied error.
Reviewing the IASSAM.LOG shows a failed attempt by the guest account to log
in corresponding to the failed remote connection attempt (see below). If I
manually create the VPN connection (rather than use CMAK), the dial-up
connection at Windows logon works.
Does anyone have an idea where I need to look in CMAK to correct the
problem...? Thanks!
[1796] 09-20 09:15:32:634: NT-SAM Names handler using default user identity
IT_DOMAIN\noguest03.
[1796] 09-20 09:15:32:634: identity is "IT_DOMAIN\noguest03"
[1796] 09-20 09:15:32:634: Username is already an NT4 account name.
[1796] 09-20 09:15:32:634: SAM-Account-Name is "IT_DOMAIN\noguest03".
[1796] 09-20 09:15:32:634: NT-SAM Authentication handler received request
for IT_DOMAIN\noguest03.
[1796] 09-20 09:15:32:634: Processing MS-CHAP v2 authentication.
[1796] 09-20 09:15:32:634: LogonUser failed: Logon failure: unknown user
name or bad password.
[1796] 09-20 09:15:41:696: NT-SAM Names handler using default user identity
IT_DOMAIN\noguest03.
[1796] 09-20 09:15:41:696: identity is "IT_DOMAIN\noguest03"
[1796] 09-20 09:15:41:696: Username is already an NT4 account name.
[1796] 09-20 09:15:41:696: SAM-Account-Name is "IT_DOMAIN\noguest03".
[1796] 09-20 09:15:41:696: NT-SAM Authentication handler received request
for IT_DOMAIN\noguest03.
[1796] 09-20 09:15:41:696: Processing MS-CHAP v2 authentication.
[1796] 09-20 09:15:41:696: LogonUser failed: Logon failure: unknown user
name or bad password.
"IT Guy" <IT...@discussions.microsoft.com> wrote in message news:CE8BC641-E720-499E...@microsoft.com...
"IT Guy" <IT...@discussions.microsoft.com> wrote in message news:6F151106-A767-4191...@microsoft.com...