A
aa128
Here's the situation and any and all suggestions are greatly appreciated.
I apologize if this is not the correct forum.
Our company uses Windows XP Pro and AD 2000. We support a large number of
people who do not have corporate network access. Many of these people are
hired in the field and never step foot inside our buildings. Our people
typically have Internet access available to them and we do provide a select
handful of vpn offerings for them.
We hire new users in the field and send them a brand new PC with a corporate
image installed by the PC manufacturer. Our new users are directed to add
their computer to the domain as soon as they receive their computer.
We accomplish this using a local account with admin rights and one of our
VPN tools to connect to the corporate network and then follow the normal
steps to add the machine to the domain. This part works quite well.
Now that our machine is on the domain we want that new user to abandon the
local account and use their own domain account.
Here is the problem.
A new user cannot log in to a computer the very first time when the machine
is not connected to the corporate network. Plus, our vpn vendors are
reporting Vista will not support starting vpn before Vista starts so it does
not appear the solution will be found with a vpn product.
We were thinking we might be able to log on to a machine in the help desk
with the new user credentials then copy that profile to the newly imaged
machine in the field. If we could push the profile, including cached
credentials, to the new machine just after it has been added to the domain
our problems might be solved. Obviously we have not been successful to date.
We are also thinking we can't be the only company to have this problem so we
are likely missing something obvious.
We are certainly open to any and all suggestions and your suggestions are
always welcome and very appreciated.
I apologize if this is not the correct forum.
Our company uses Windows XP Pro and AD 2000. We support a large number of
people who do not have corporate network access. Many of these people are
hired in the field and never step foot inside our buildings. Our people
typically have Internet access available to them and we do provide a select
handful of vpn offerings for them.
We hire new users in the field and send them a brand new PC with a corporate
image installed by the PC manufacturer. Our new users are directed to add
their computer to the domain as soon as they receive their computer.
We accomplish this using a local account with admin rights and one of our
VPN tools to connect to the corporate network and then follow the normal
steps to add the machine to the domain. This part works quite well.
Now that our machine is on the domain we want that new user to abandon the
local account and use their own domain account.
Here is the problem.
A new user cannot log in to a computer the very first time when the machine
is not connected to the corporate network. Plus, our vpn vendors are
reporting Vista will not support starting vpn before Vista starts so it does
not appear the solution will be found with a vpn product.
We were thinking we might be able to log on to a machine in the help desk
with the new user credentials then copy that profile to the newly imaged
machine in the field. If we could push the profile, including cached
credentials, to the new machine just after it has been added to the domain
our problems might be solved. Obviously we have not been successful to date.
We are also thinking we can't be the only company to have this problem so we
are likely missing something obvious.
We are certainly open to any and all suggestions and your suggestions are
always welcome and very appreciated.