If you need to re-install Windows (7 for me, but this should be valid for any) on a “work” laptop when away from the Active Directory domain you may have difficulties setting up and logging in using your domain account due to the domain not being available until after you setup a VPN connection (however this means you would need to logon first… Catch-22 situation!)
Here’s how I resolved the issue which meant I could continue setting up my laptop before I need to do some actual work again tomorrow:
1. Create a local administrator account when installing Windows 7
2. Create a PPTP VPN to the domain (other VPNs may work)
3. Join the domain (e.g. yourcompany.local) by right-clicking on “My Computer”, select Properties and change the network settings – you will be prompted for a domain user account that has permission to join the domain. I also added my domain to the local administrators group at this point.
4. Reboot
5. If you try to login at this stage you will get the “no logon servers” message; login as the local administrator account created in step 1.
6. Connect to the PPTP VPN using your domain account (other VPNs may work; untested though…)
7. Hit Ctrl+Alt+Del and select “Switch User” – this forces the next user to authenticate before disconnecting the VPN… neat! Login using your domain account and the logon server will be available long enough for you to authenticate and cached credentials to be created.
That’s it! Saved me a lot of time working this out but couldn’t find any clear guide as to how to setup cached credentials over a VPN. Some guides suggested that mapping a drive may work, but I think that is probably only if you are already logged in under your domain user account. I may not be alone in wiping my work laptop every so often… maybe not advised but I had 5 BSODs in 3 days (ntoskrnl.exe) – enough is enough!
Hope that helps somebody! Comments welcome!
Leave a Reply