VPN to a customer's site locking out my local AD account

Solution 1:

Windows 7, by default, configures its L2TP VPN Connections to use their credentials for all subsequent authentication attempts after the VPN is connected. This works well for some situations, but for connecting to a VPN that does not share the same login/domain as your current computer’s domain membership, this can prove problematic (causing the account that the computer is logged in under to become locked out).

To correct the issue, the .PBK file that holds the VPN connection info must be adjusted.

In Windows 7, the path to the .PBK file for a user is here (filename may be different):

%APPDATA%\Microsoft\Network\Connections\Pbk\rasphone.pbk

Note: The %APPDATA% part was set to C:\Users\username\AppData\Roaming on this PC.

Open the rasphone.pbk file, and find the line that contains:

UseRasCredentials=1

and change it to be:

UseRasCredentials=0

and save the file.

That should prevent the issue with locking the local Domain user account out.