Re: Cached Credentials

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

The password was correct. He gave me the password. I attempted to log
on to the domain while it was disconnected from the net work -> got the
error. The cached credentials for my domain admin account still worked
while the computer was off the network. I plugged the computer into the
network, and it logged in fine for his domain acct.. I let it sit on
the network for about an hour.

I've now disconnected him from the network, and throughout the day am
going to log in and log out again to try and get the error again. So
far after 20 attempts and 4 hours it is still ok to log in while "on
the road" using the cached credential.


Paul Bergson [MVP-DS] wrote:
Are you sure he hasn't forgotten his password? Did you have him try and
logon to a domain machine with the same password. This would verify that he
wasn't using an incorrect one.

--
Paul Bergson
MVP - Directory Services
MCT, MCSE, MCSA, Security+, BS CSci
2003, 2000 (Early Achiever), NT

http://www.pbbergs.com

Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no rights.

"Kbalz" <kbalczak@xxxxxxxxxxxxxxx> wrote in message
news:1169065835.160679.175400@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
In reference to this topic :
http://groups.google.com/group/microsoft.public.windows.server.active_directory/browse_thread/thread/4ae002c879e8c33b/919811e2e35d194d?lnk=gst&q=Interactive+Logon%3A+Number+of+previous+logons&rnum=4&hl=en#919811e2e35d194d

I have a salesman who is going to be working from home, VPN connection
in. Client is Windows XP sp2, domain is Windows 2003 R2, He has been
gone for 3 days, able to login with no direct contact with the DC.. he
has been logging in using the cached credentials, and able to VPN in
just fine.

Today he got the message "cannot log in because the domain is not
available" it seems that the token only allowed him to login a certain
amount of times before it needs to have some DC communication.

How can I set this up, I am trying to avoid him logging in locally.

I can't seem to find any security policy that fits the bill. Thanks,


.

Relevant Pages

  • Re: Roaming man profile, 2000 server and xp pro clients
    ... > driver that doesn't ready up or get an IP before the login screen appears. ... > network connection is active at the time, ... When cached credentials are disabled and a DC ... >> roaming profile. ...
    (microsoft.public.win2000.networking)
  • Re: Network Cable Disconnection and Elevated Access
    ... if they are logging on as only plain users then they should ... if the network is disconnected during the login. ... "Always wait for the network at computer startup and logon" ...
    (microsoft.public.security)
  • Re: Unable to connect to domain when network disconnected
    ... To use the cached credentials on the workstation without the domain, the user have to login ONCE to the domain with his user account and password. ... huge installation of Active Directory to the clients. ... unplug from the network and when they trying ...
    (microsoft.public.win2000.active_directory)
  • Re: Force caching of credentials
    ... When they try to login and it fails with the results that you describe are they connected to any broadband type connection? ... I ask because the XP system will sometimes try to find a domain if it sees a live network connection...it has been my experience that if you login to the computer then connect the network that you don't see this ... The GPO for the domain is setup to allow cached credentials. ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Blank page after logging in ASP.NET web app
    ... Can you post the code you are using to redirect after a succesful login ... feeds the private side of the network. ... When logging in from the ... private network I have no problem, ...
    (microsoft.public.dotnet.languages.csharp)