We have FIM Password Reset Client Service 4.1.3508 installed on Windows 7 SP2 machines connecting to the FIM Server and at the Ctrl-Alt-Del it does not pass the Default Logon Domain dictated in Group Policy.
We have 2 Forest Domains in a Full Forest Trust where the Win7 computers and the FIM 2008 R2 Servers are in one Domain (DomainAComp) and the Users are in another (DomainBUsers).
On the Win7 workstations (DomainAComp), there is a Group Policy that defines the Default Logon Domain as the Users domain (DomainBUsers).
Administrative Templates/System/Logon
Assign a default domain for logon = Enabled
Default Logon domain: = DomainBUsers
FIM DOESN'T WORK When at the Ctrl-Alt-Del Logon screen - Users enter the following:
Username - usernameA
Password - (don't enter anything)
Domain (preset by policy) as DomainBUsers
Reset Password Link - Launches FIM Password Reset Client Service - Error - Users does not exist or doesn't have rights to change password.
DOES WORK - When at the Ctrl-Alt-Del Logon screen Users enter the following:
Username - DomainBUsers\usernameA
Password - (don't enter anything)
Domain DomainBUsers
The domain is a long one and users do not have to enter it to logon so they are not used to entering it. FIM should pass the default domain but it doesn't. There is nothing in the client settings to specify anything and we have the latest hotfix 3508.
Any other suggestions?
lforbes