How to Fix Failing User Credentials on Domain-Joined Devices Connecting via VPNs

When a great deal of people shifted to working remotely rather than going into an office, the one thing they were often missing was access to the files they used to be able to easily access. These files were often stored on servers or other computers, rather than on the local device. This left businesses needing to find a way to make those files accessible to their employees even when they were not in the office.

One of the main ways business made files available to remote workers was to set up systems that supported a virtual private network (VPN). VPNs allow users to connect to network resources, like servers and other computers, remotely from a different location. This post demonstrates how to fix a recent issue some user's have run into where Windows changes the VPN credentials and the VPN fails to connect.

How to Fix Failing User Credentials on Domain-Joined Devices Connecting via VPNs

Connecting to business's resources using a VPN allows users to access files in shared drives, connect remotely to other devices on the network to run unique applications, and more. One of the main benefits of using a VPN is it provides a secure and encrypted connection between devices so users can access files as safely as if they were in the office.

Additionally, once a VPN has been configured on a user's device, there is little to no maintenance needed from the user. To connect, a user simply opens network settings on their device and double-clicks on the correct listed VPN to connect to it. Once connected, the user can access the resources they need. Unfortunately, when a VPN stops working, users can be confused about what credentials to enter because VPNs are often configured with credentials that differ from their device login credentials.

Recently, some users have been experiencing issues when connecting to a VPN as Windows is replacing the originally saved credentials with the user's Windows login ID. This of course causes the VPN connection to fail. Even if a user has the VPN credentials, having to enter these credentials each time they want to connect to it is a huge waste of time.

Luckily, there are some things that can be modified to fix this credential swapping issue and that should be a long-term fix that they will not break again.

To fix the VPN credentials on a domain-joined computer, follow the steps below:

  • On the device running Active Directory services, open "Active Directory Domains and Trusts".
  • Right-click on "Active Directory Domains and Trusts".
  • Click on "Properties".

NOTE: Be sure to right-click on the domains and trust heading, not the domain.

Right-click on domains and trust and select "Properties".

  • In the Properties window, type out your domain (e.g. in the box under "Alternative UPN suffixes" and click the "Add" button.

Add the domain to the alternative suffixes box.

  • Click "OK" to save the settings.
  • Close the Active Directory Domains and Trusts window.
  • Open "Active Directory Users and Computers".
  • Locate the user with the issue and double-click to open their user details.
  • Click on the "Account" tab.
  • Update the user login name to match the preferred account set in the previous Active Directory Domains and Trusts step. NOTE: This will likely be the user's business email address.

Open the Account tab of the user properties window to update the user preferred login.

  • Click the "OK" button to save the changes.
  • Close the Active Directory Users and Computers window.

Once these settings have been implemented, update the VPN login credentials. Now, every time the user connects to the VPN, the right credentials should remain and the user should be able to connect without running into any issues.

Using a VPN to connect users with network files and resources is an effective and secure way to ensure users can access what they need and get their job done. Unfortunately, more recently some users have experienced the VPN credentials being swapped out by Windows with their user login information. Updating the UPN suffix in Active Directory Domains and Trusts and the preferred user account in Active Directory Users and Computers fixes this issue so users no longer have to try and enter the correct VPN credentials over and over.

As always, technology is great as long as it works; knowing how to fix an issue that breaks something is critical!