User dis-join from domain, how to re-join again

Discussion in 'Active Directory' started by Newbie, Mar 17, 2009.

  1. Newbie

    Newbie Guest

    I have had instances where users disjoin their laptops from the work domain
    when they try to set up whatever at home, then they have to wait till
    getting back to the office to rejoin. Our VPN allows rejoining the laptop
    when signed in, but at the CTRL+ALT+DEL screen, user can't login to VPN
    first before it authenticates, so how can I get around this?

    Appreciate your inputs.
     
    Newbie, Mar 17, 2009
    #1
    1. Advertisements

  2. Have them bring the laptop back to the office. Then take away their admin
    rights after you rejoin their laptops to the domain, or at least make sure
    they've been officially been made aware of what they must not touch on the
    computer. I'd prefer the former, but I understand on laptops it's hard to
    enforce that as they often need to install printers, etc.
     
    Lanwench [MVP - Exchange], Mar 17, 2009
    #2
    1. Advertisements

  3. Newbie

    Newbie Guest

    I wish I had the power to do that!!!


    "Lanwench [MVP - Exchange]"
     
    Newbie, Mar 17, 2009
    #3
  4. Login as the Local Administrator,...activate the VPN,...join the
    Domain,...reboot,....check the "checkbox" to login with a dialup
    connection",....use Domain Credentials at that point,....choose the correct
    VPN connection

    I'm not saying the user would know the local Admin credentials (they
    shouldn't anyway),...but I am saying those are the steps to join the domain
    over the VPN.


    --
    Phillip Windell
    www.wandtv.com

    The views expressed, are my own and not those of my employer, or Microsoft,
    or anyone else associated with me, including my cats.
    -----------------------------------------------------
     
    Phillip Windell, Mar 17, 2009
    #4
  5. Hello Newbie,

    If you users are able to make that change s they have to many permissions,
    so remove the local admin permission from them. Philipp mshow you the way
    to rejoin.

    Best regards

    Meinolf Weber
     
    Meinolf Weber [MVP-DS], Mar 17, 2009
    #5
  6. Well, there were two options given :)
     
    Lanwench [MVP - Exchange], Mar 17, 2009
    #6
  7. In
    Just to add, a remote tool can be used (logmein, teamviewer, techinline, and
    many others out there) to remote into the user's laptop while they are at
    home, and then perform this procedure.

    One other additional suggestion is to configure the VPN software so it shows
    up with an option to use it with the logon box. Many VPN client software
    offers this capability. I use Cisco's VPN client which I configure this
    setting for, this way they can logon into the VPN first which connects them
    to the internal network first, then logon into the domain.


    --
    Ace

    This posting is provided "AS-IS" with no warranties or guarantees and
    confers no rights.

    Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSA Messaging, MCT
    Microsoft Certified Trainer


    For urgent issues, you may want to contact Microsoft PSS directly. Please
    check http://support.microsoft.com for regional support phone numbers.
     
    Ace Fekay [Microsoft Certified Trainer], Mar 18, 2009
    #7
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.