The thing is, when you take the profile and download it to a client and double click the installer and install it. It works as intended. no problems BUT, when you distribute it through our distribution software(software is not subject to change anytime soon) the cmprofile(.cmp file) does not contain the Domain=ourdomain since it is created by the user when it runs the CM service profile for the first time. I think, this has something to do with that it is deployed with a service account and not by the actual user that the CM service profile is designated for. We are using this account because when the installer is run, you have two options, single user or all users. If we try to take single user, the user will not get it since it will be installed for the service account. and if we try to use the users account to install it the installers need for a UAC prompt stops the installation and it fails. So we use the service account so that the files get onto the computer. however, the .cmp file part of the puzzle is missing since it is installed for the service account. Then the user starts the connection profile and at that moment they create their own .cmp file that does not contain the domain=ourdomain part. I would love to distribute the connection profile via group policy, but the link you gave says nothing about that and i have not found any guide that describes it.

Hi! Due to our current deployment solution we have an issue when we're deploying CMAK made Connection profiles to our users. What we want is to have the users only type in username and password. and that the domain is correct by default. So in the CMAK we put Domain=ourdomain and our profile works perfectly if you run it as a logged in user manually. Although when we run it through our Deployment software we must use the local system account to install it(this is because if we do it as the "currently logged on user" the windows UAC stops the installation from finishing). And this means that when the user starts up the connection manager service profile, it creates a .cmp file, and that file does not contain Domain=ourdomain. Resulting in the connection attempt failing because of faulty credentials and our profile pack is useless. So, what we are looking for, is a way to force a default domain in a CMAK profile, and at this point we have turned over every little stone we could find and have no solution, so any ideas on how to solve this would be gold!

Hi, Thanks for posting here. > And this means that when the user starts up the connection manager service profile, it creates a .cmp file, and that file does not contain Domain=ourdomain. Im not sure this part you described cos if we have specified and included the connection profile we customized during the wizard, system will still use it at client side if we installate it by executing the exe file: Install Additional Files with the Connection Profile http://technet.microsoft.com/en-us/library/cc732395(WS.10).aspx If these clients are all domain joined , we can also distribute it via group policy : Distribute Your Connection Profile to Your Users http://technet.microsoft.com/en-us/library/cc753829(WS.10).aspx Thanks. Tiger LiTiger Li TechNet Community Support

Hi, Please first refer to the blog post below and I think it should help to achieve the goal: Provisioning VPN client settings using Group Policy http://blogs.technet.com/b/rrasblog/archive/2009/08/31/provisioning-vpn-client-settings-using-group-policy.aspx Thanks. Tiger Li Tiger Li TechNet Community Support

Got it to work through a group policy preference. just placed a .cmp file in %appdata%\microsoft\network\connections\_hiddencm\ et voila. Thanks for the tips though!

Hi, Glad to hear that! Thanks. Tiger LiTiger Li TechNet Community Support

Hi, Thanks for posting here. > And this means that when the user starts up the connection manager service profile, it creates a .cmp file, and that file does not contain Domain=ourdomain. Im not sure this part you described cos if we have specified and included the connection profile we customized during the wizard, system will still use it at client side if we installate it by executing the exe file: Install Additional Files with the Connection Profile http://technet.microsoft.com/en-us/library/cc732395(WS.10).aspx If these clients are all domain joined , we can also distribute it via group policy : Distribute Your Connection Profile to Your Users http://technet.microsoft.com/en-us/library/cc753829(WS.10).aspx Thanks. Tiger LiTiger Li TechNet Community Support