HOW TO: Change the default domain that is used by the Routing and Remote Access Service or by IAS to authenticate users (826158)


The information in this article applies to:

  • Microsoft Windows Server 2003, Datacenter Edition
  • Microsoft Windows Server 2003, Enterprise Edition
  • Microsoft Windows Server 2003, Standard Edition
  • Microsoft Windows 2000 Advanced Server
  • Microsoft Windows 2000 Professional
  • Microsoft Windows 2000 Server
Important This article contains information about modifying the registry. Before you modify the registry, make sure to back it up and make sure that you understand how to restore the registry if a problem occurs. For information about how to back up, restore, and edit the registry, click the following article number to view the article in the Microsoft Knowledge Base:

256986 Description of the Microsoft Windows Registry

SUMMARY

This article describes how to change the default domain that is used by the Routing and Remote Access service or by Internet Authentication Service (IAS) to authenticate users.

Mostly, users log on to computers that are running Microsoft Windows 2000 or Microsoft Windows Server 2003 by using a dial-up connection or by using a virtual private network (VPN) connection. Users use a user name, a password, and a domain name when they log on. Windows 2000-based computers and Windows Server 2003-based computers that run Routing and Remote Access or IAS may not be able to authenticate users if they omit one or more of these credentials. By default, if a user does not specify a domain name, Routing and Remote Access and IAS try to authenticate user accounts against the domain that the server belongs to.

MORE INFORMATION

Warning If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that you can solve problems that result from using Registry Editor incorrectly. Use Registry Editor at your own risk.

You can change the default domain by modifying a registry key on the server that is running Routing and Remote Access or IAS. To do so, follow these steps:
  1. Click Start, and then click Run.
  2. In the Open box, type regedit, and then click OK.
  3. Locate and then click the following registry key:

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RASMAN\PPP\ControlProtocols\BuiltIn

  4. In the right pane, right-click the DefaultDomain registry key, and then click Modify.
  5. In the Value data box, type RRAS or IAS, and then click OK.
Note By default, Routing and Remote Access or IAS can authenticate local user accounts on the server where they run. To turn on this authentication, follow these steps, but in step 5, type the computer name for the server that is running Routing and Remote Access or IAS instead of RRAS or IAS.
Modification Type:MajorLast Reviewed:1/6/2004
Keywords:kbRegistry kbRouting kbhowto KB826158 kbAudEndUser
©2003 Microsoft Corporation. All rights reserved.