We have external users connecting to our network through a VPN service. If their account they are logging into their PC with (ex. jsmith) matches an account on our domain (ex. abc\jsmith), we see invalid password attempts on our domain account. The external users are mostly running a version of Windows 7 and joined to another domain. So, when they login to their PC, they login to the account home\jsmith. As soon as they connect up to the VPN, we see invalid passwords on the 2008 DC's for account ndgov\jsmith coming from the IP address assigned to their external users computer on our domain. We see this from many different computers. The only solution we have found is to either have the user change their account they are logging into the external PC (if their ID's actually match) to use an account that does not belong to our domain or synch their passwords.
We have utilized VPN for many years, but this only reared it's head when we migrated to a new solution due to support for Windows 7 (couple years ago). So, not sure if this is a Windows 7 issue where it is not sending the domain information with the request or our DC's that are ignoring the domain information in the authentication request.
Any insight would be appreciated.
Thanks in advance.