When I ran into this issue, I remember how frustrating it was to troubleshoot. So, I’m adding my solution here, hope it helps someone!
If you’re in a situation where you’re setting up a Windows domain-joined computer for remote access to a SMB share that is to be accessed through a VPN, you may run into a situation where Windows attempts to use the VPN session credentials to authenticate the SMB share/mapped drive connection and fails. You can verify this by opening Windows Credential Manager and deleting the session stored creds, you will notice that you’re now able to access your mapped drive.
This typically wouldn’t be a problem if the VPN was connecting to a Windows RRAS server on the same domain because the creds would be the same, or if your VPN server that is not RRAS authenticated users through LDAP for the said domain.
Now, that we have that out of the way, here’s the solution!
Under %AppData%\Microsoft\Network\Connections\Pbk you will find the VPN setttings file called rasphone.pbk, edit it with notepad and make these changes:
Right click on the VPN’s .pbk file and open it with Notepad. (Remember to untick ‘Always use this program for this file type’)
Roughly 5 lines down will be an entry ‘UseRasCredentials=1’
Change this to ‘UseRasCredentials=0’
Save the file.
Now, your SMB share will authenticate with the stored creds once again!