I have a situation where domain users are trying to access a file server. When they're local to the domain, no problem. When they're off-site and they're using a VPN, I found that the credential being passed to the Server is the one for the Windows built-in VPN client, NOT the domain credential.
When I go into Windows Credential Manager under "Windows Credentials," I find *session. The "*session" credential is the username and password that they use to log into the VPN that we're using, and that's the credential that's being used to try and authenticate to the file server.
For now, I've been able to keep things moving along by manually entering their Windows credential for our fileserver in the Credential Manager, but I'd like to find a better way for Windows to pass the domain credential, not the VPN one.
This happens on both Windows 10 pro and 11 pro machines. Our servers are all Server 2019.