If you’re running Microsoft Windows Vista Business or Ultimate edition and the machine is part of an Active Directory (or Samba) domain, you might run into problems when connecting to a VPN (Virtual Public Network).
When you go through Vista Start -> Connect To -> Set up a connection or network -> Connect to a workplace:
After you go through the process of adding the VPN, the dialog box just disappears or it says it can’t connect.
If you look at the Event log, it may show errors 651, 1068 or 1297 when starting the firewall, telephony, application layer gateway service, or remote access connection manager. If you attempt to start the services manually, you will very likely get the same errors.
Cause: The permissions required to start these services have been revoked when you joined the computer to a domain. When the (domain) group policy includes “user rights assignment -> adjust memory quotas for a process”, Vista will wipe out any local permissions for this particular setting.
Workaround: Reset the policy for “user rights assignment -> adjust memory quotas for a process”. A word of warning, contact your windows system administrator for permission to do this or have that person do it. DO NOT DO THE FOLLOWING WITHOUT EXPRESS PERMISSION FROM YOUR SYSTEM ADMINISTRATOR! You will need to have local administrator rights for this.
Control Panel -> Administrative Tools -> Local Security Policy -> Local Policies -> User Rights Assignment
Make sure that LOCAL SERVICE and NETWORK SERVICE are listed.
Next, start the command prompt in Administrator Mode: Vista Start -> Accessories -> (right click on Command Prompt and choose “Run as Administrator”):
Finally, reboot the machine. The services should start right up now. Go and reset up your vpn. 🙂