If I'm runningi an MS 2000 server as a VPN server, and clients connect from
home, how can I best detect what the *originating* IP address or name of the
user associated with a particular VPN client machine is? This would help me
have a talk with the people who don't do all their security updates and whom
my scans detect as needing the recent RPC updates.

I can get a list of the active client IP addresses from using the NT 4.0
PDC's management tools and checking the routing tables on the VPN server,
but if there are multiple clients at a time it's hard for me to make the
association, and to associate it with the specific VPN user.