Stupid question here...
I have a web app at my office that I log into. We have multiple domains and on Win2000 clients the authentication dialog has Username/Password/Domain fields so I could log in. I just upgraded my PC to XP Pro and now the dialog box only have Username/Password.

I can still authenticate if I type my username in the <domain>\username format however I really do not want my end-users to do that because it will be a support nightmare. Any way to force XP to put that field in? I thought perhaps it was a local policy or something but have yet to stumble upon it.

TIA

uhh...

Try joining the machine to the domain?

uhh...

Try joining the machine to the domain?

I believe the computer is joined to one domain but he wants to be able to join and switch between domains.

I dont have all the answers but i think this might help.
http://www.windowsnetworking.com/articles_tutorials/wxpjoind.html

It looks like you have to change and join all the domains you want the first time around, and then their should be an options dialogue that lets you choose what you are joining to.

Hope it helps,

Mark

Go into User Accounts and turn off the Welcome Screen.

Perhaps I was not clear. Say I have a helpdesk system in place. It uses NT Authentication for users to log into the system to submit helpdesk tickets etc. This system is web-based. A user loads up the page and is prompted for a username/password/domain if using Win 2000.

Now say a user wants to log into the system from home. The user brings up the website from a home PC and it still prompts for username/password/domain on Win 2000. All is still well.

On WinXP however the prompt is for only Username and Password.

grrr

Then you just enter it as:

ID: domain\username
PW: password

No need for the domain box to actually be there.

Then you just enter it as:

ID: domain\username
PW: password

No need for the domain box to actually be there.


Yeah, I know I can do that. The problem is training the 300+ users that are used to having the 3 fields to do it.

So, is the answer that the Kerberos login API in XP no longer has the field or is it that all I have to do is modify a policy setting or registry key to get &#^$ windows to display the damn thing?

Well, the reason it's prompting for a password is because the local user is not logged on with an authenticated account.

You could:

1) make sure that the users are logging into the domain properly before accessing the system
or
2) make sure the system itself is in the same domain as the users, if it's not already

Then Windows will just pass through their credentials & there should be no need to log on again.

Of course, this may not be an optimal solution if people are accessing on non-company owned machines. In that case, perhaps the system itself should be in a DMZ & not a member of the domain - having external access to a member of an internal domain is a pretty big security hole. But this also adds a new layer of problems in getting the users authenticated back into the domain from the DMZ.

My personal solutuion that I use in my company is that any external access to internal resources must be made via a VPN connection. That way I know for sure who is accessing my systems, I know it's a secure connection, and the user is already authenticated by the time they make it into the network, so no need to authenticate again.

Sorry I don't have any quick & easy solutions for ya...

Is it possible the "workstation" service on the home xp computer needs to be started? If that's not it, then JeffBX might be right. You won't get a "domain" field until WinXP sees a reason to give it to you. Thus, if your home pc isn't a member of a domain, it's not going to provide you the ability to screw yourself up.