Tunnelblick keeps two copies of each "private" configuration:
- A "user's" copy that can be modified by the user, even if the user is a "standard" user and not an administrator; and
- A "secured" copy that has been approved for use by a computer administrator.
The message is saying that the "user's" copy is different from the "secured" copy.
If the user clicks "Cancel", or clickd "Secure the Configuration" and then cancels when asked for a computer administrator's username/password, the user will see the same message the next time they try to connect. (Or the next time they start Tunnelblick if the VPN is set to connect when they launch Tunnelblick.) That's because the two configurations are still different until they are reverted (the "secured" copy is copied over the "user's" copy), or the configuration is secured (the "user's copy is copied over the "secured" copy – which can only be done by a computer administrator).
The message will appear each time they try to connect the VPN until either the configuration is reverted or is secured.
One complication, which does not apply directly to the situation you describe but is related: If a computer administrator has
un-checked the ""Require administrator authorization to install all configurations" box on the "Preferences" panel of Tunnelblick's "VPN Details" window, then Tunnelblick will allow a standard user to install or or re-install with modifications configurations that are "safe". See
Standard Users Installing or Replacing Configurations for details.