Improve company productivity with a Business Account.Sign Up

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 242
  • Last Modified:

What makes a domain login expire on machines not connected to the domain?

Hi all,

I'm fairly new to networking and have recently setup a small Windows 2000 network.  I have a few users with laptops that work at home for a couple of days a week.  When they login in to their laptops at home, they login in using their network login, despite not being connected to our network - this has worked fine for the past year.

This morning however, I have a phone call from a user from home (who was in the office and therefore connected to the domain yesterday) saying that when she tries to login to her laptop, she is being told that 'The domain xxmyDomainxx is unavailble' and so she is unable to login.

I have talked her through logging in to her local account on her laptop and retrieved all of her settings BUT:

Does anyone know what causes this and is there any way to prevent it?

We have VPN access setup up for our users and I wondered if this would help but as she can't login in to he laptop to begin a VPN session, I don't see how that could help.

Any ideas anyone?


1 Solution
There is a registry setting in XP and 2000 that specifies the number of logons to cache. If this is set to 0 users will not be able to do an 'Offline Logon'. It might be worth checking it.

Open Registry Editor by clicking Run on the Start Menu and type: REGEDIT

Browse to the following registry entry
HKEY_LOCAL_MACHINE >SOFTWARE >Microsoft >Windows NT >CurrentVersion >Winlogon >cachedlogonscount

Verify that the cachedlogonscount variable is set to something other than 0.
BobFettAuthor Commented:
Hi D4n,

Thanks for your quick response - I got her to check and this is set to 10 and this was the first time she'd logged on since using the network.

Is this option always in effect?  I'm just curious as I always take my laptop on holiday with me and I must login in and out at least 40 times during a vacation but I never get locked out?  I'm pretty baffled!


For servers, this policy is defined by default in Local Computer Policy and the default value is 10 logons.

For more info on this using your Domain Controller and Group Policy (you can also bring up the local Group Policy window using Start > Run > gpedit.msc (OK):

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

BobFettAuthor Commented:
Fatal Exception,

Thanks for that, I'll award points based on help - I'm still trying work out what could have caused this to happen this tim however, so I can prevent it happening in the future.  This users last login was connected to the domain so it shouldn't have happened at all.


Very true...  They had the requisite cache, so the only thing I can think of is that the profile was not available or it was corrupted when they tried to logon.  I would wait and let the user log back into the Domain Controller, then if it happens again, we will know.

Also, have you considered a router to router VPN for your organization.  This will allow your at home workers to log directly into your DC without dealing with cached credentials...  Just a thought.

Just my 2 cents, but I have experienced the same thing if someone takes a laptop home and they connect it to another/home network BEFORE attempting to login to the computer with cached credentials.  Give that a go and see.
Don't get confused: The CachedLogonsCount value is the number of logons it *caches*, not the number of times a user is allowed to logon with cached information. So with a value of 10, the last 10 domain users having logged on will be able to use the machine offline.
Cached Logon Information
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now