JeremyCHIllin
New Member
- Joined
- Jan 9, 2017
- Messages
- 3
- Thread Author
- #1
My team has to request every remote user's ID and password to log in under their account before shipping them the PC. This is because their profile will not be on the machine when they get it and they will not be able to authenticate to the domain. We are hiring more and more remote people and need a solution to just ship them a freshly imaged machine without delaying because we need to log in as them first on the network.
JeremyCHIllin
New Member
- Joined
- Jan 9, 2017
- Messages
- 3
- Thread Author
- #3
These users are new to the company and have never logged in.
- Joined
- Jul 4, 2015
- Messages
- 8,998
Unless you're using some kind of VPN hardware, logging into the machine is the only way that I know of. By logging in, half of the domain password hash is stored locally on the machine for offline authentication. This is considered "good enough" by Microsoft for authentication without a DC available.
JeremyCHIllin
New Member
- Joined
- Jan 9, 2017
- Messages
- 3
- Thread Author
- #5
I just feel like there has to be a solution or workaround companies are doing for this. I assume lots of people log in with a temporary password and require the user to reset it once they receive it.
SLS79
Active Member
- Joined
- May 10, 2016
- Messages
- 7
Allow your technicians to reset the password for the new user account, have the technicians set the account to require a password change, and then you can have the user call in to your HD and get the generic password. Then, upon login, make them connect to the VPN to reset their password once they are connected to your company network.
Sent from Droid Turbo 2
- Joined
- Jul 4, 2015
- Messages
- 8,998
Well, the problem in the OP's scenario is that the computers are being logged in to in a true remote scenario, meaning there's no way for the computer to contact a DC, so any password change will not be known to the computer. If they log in with the IT-set password, shut down the computer and then change the password, the old password would be cached on the machine, provided there are no GPOs set to disable this feature. The best solution IMO is implementing a hardware VPN solution such as Aruba RAPs that rely on computer certificates for authentication. In this case the computer should be able to reach the DC just fine and this type of issue would be avoided.
SLS79
Active Member
- Joined
- May 10, 2016
- Messages
- 7
I must have missed typing the part where they'll connect to the VPN at login time with the password set by the tech. However, if they don't have the RAPs, having a VPN solution that is set as a credential provider to allow login and VPN connection, then they could change their password. Besides, RAPs, as opposed to a VPN solution, are a pricey license per seat.
Sent from Droid Turbo 2
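The technician-side steps discussed in the posts above (temporary password, forced change at next logon, and the cached-logon setting the replies mention), as an added example that is not code from any poster in this thread. It assumes the RSAT ActiveDirectory module on the technician's workstation; the function names `New-TempPassword`, `Reset-NewHireAccount` and `Test-CachedLogonEnabled` and the account name `jdoe` are hypothetical.

```powershell
# Added example, not from the thread. Function names are hypothetical.
Import-Module ActiveDirectory   # assumption: RSAT AD module is installed

function New-TempPassword {
    param([int] $Length = 16)
    # 64 characters, so (byte % 64) is unbiased; 0/O/o and 1/I/l are left out
    # so the help desk can read the value over the phone without confusion.
    $alphabet = 'ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnpqrstuvwxyz23456789!#%+=?@*'
    $rng   = [System.Security.Cryptography.RandomNumberGenerator]::Create()
    $bytes = New-Object byte[] $Length
    $rng.GetBytes($bytes)
    -join ($bytes | ForEach-Object { $alphabet[$_ % $alphabet.Length] })
}

function Reset-NewHireAccount {
    # Run on the technician's workstation, against the domain.
    param([Parameter(Mandatory)] [string] $SamAccountName)
    $temp   = New-TempPassword   # a unique value per user, not a shared generic one
    $secure = ConvertTo-SecureString $temp -AsPlainText -Force
    # Throws if the domain complexity policy rejects the value; rerun in that case.
    Set-ADAccountPassword -Identity $SamAccountName -Reset -NewPassword $secure
    # The user must choose a new password at the first logon that reaches a DC.
    Set-ADUser -Identity $SamAccountName -ChangePasswordAtLogon $true
    [pscustomobject]@{ Account = $SamAccountName; TempPassword = $temp }
}

function Test-CachedLogonEnabled {
    # Run on the imaged PC before it ships. CachedLogonsCount is a string
    # value; "0" means a GPO or the image has disabled cached domain logons.
    $key = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'
    $val = (Get-ItemProperty -Path $key -Name CachedLogonsCount -ErrorAction SilentlyContinue).CachedLogonsCount
    if ($null -eq $val) { return $true }   # value absent: Windows default applies
    return ([int]$val -gt 0)
}

# Constructed usage: 'jdoe' is a placeholder account name.
# Reset-NewHireAccount -SamAccountName 'jdoe'
# Test-CachedLogonEnabled
```

The temporary password is returned in clear text only so the technician can pass it to the help desk; it should not be written to logs or tickets.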