Solved

What makes a domain login expire on machines not connected to the domain?

Posted on 2004-09-17
11
235 Views
Last Modified: 2010-03-18
Hi all,

I'm fairly new to networking and have recently setup a small Windows 2000 network.  I have a few users with laptops that work at home for a couple of days a week.  When they login in to their laptops at home, they login in using their network login, despite not being connected to our network - this has worked fine for the past year.

This morning however, I have a phone call from a user from home (who was in the office and therefore connected to the domain yesterday) saying that when she tries to login to her laptop, she is being told that 'The domain xxmyDomainxx is unavailble' and so she is unable to login.

I have talked her through logging in to her local account on her laptop and retrieved all of her settings BUT:

Does anyone know what causes this and is there any way to prevent it?

We have VPN access setup up for our users and I wondered if this would help but as she can't login in to he laptop to begin a VPN session, I don't see how that could help.

Any ideas anyone?

Thanks

Bob
0
Comment
Question by:BobFett
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
11 Comments
 

Expert Comment

by:D4n_
ID: 12082462
There is a registry setting in XP and 2000 that specifies the number of logons to cache. If this is set to 0 users will not be able to do an 'Offline Logon'. It might be worth checking it.

Open Registry Editor by clicking Run on the Start Menu and type: REGEDIT

Browse to the following registry entry
HKEY_LOCAL_MACHINE >SOFTWARE >Microsoft >Windows NT >CurrentVersion >Winlogon >cachedlogonscount

Verify that the cachedlogonscount variable is set to something other than 0.
0
 
LVL 2

Author Comment

by:BobFett
ID: 12082493
Hi D4n,

Thanks for your quick response - I got her to check and this is set to 10 and this was the first time she'd logged on since using the network.

Is this option always in effect?  I'm just curious as I always take my laptop on holiday with me and I must login in and out at least 40 times during a vacation but I never get locked out?  I'm pretty baffled!

Thanks

Bob
0
 
LVL 40

Accepted Solution

by:
Fatal_Exception earned 500 total points
ID: 12083645
For servers, this policy is defined by default in Local Computer Policy and the default value is 10 logons.

For more info on this using your Domain Controller and Group Policy (you can also bring up the local Group Policy window using Start > Run > gpedit.msc (OK):

http://www.microsoft.com/windows2000/techinfo/reskit/en-us/default.asp?url=/windows2000/techinfo/reskit/en-us/gp/579.asp

0
NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

 
LVL 2

Author Comment

by:BobFett
ID: 12083837
Fatal Exception,

Thanks for that, I'll award points based on help - I'm still trying work out what could have caused this to happen this tim however, so I can prevent it happening in the future.  This users last login was connected to the domain so it shouldn't have happened at all.

Thanks

Bob
0
 
LVL 40

Expert Comment

by:Fatal_Exception
ID: 12084353
Very true...  They had the requisite cache, so the only thing I can think of is that the profile was not available or it was corrupted when they tried to logon.  I would wait and let the user log back into the Domain Controller, then if it happens again, we will know.

Also, have you considered a router to router VPN for your organization.  This will allow your at home workers to log directly into your DC without dealing with cached credentials...  Just a thought.

FE
0
 
LVL 3

Expert Comment

by:Pasdargent
ID: 12084983
Just my 2 cents, but I have experienced the same thing if someone takes a laptop home and they connect it to another/home network BEFORE attempting to login to the computer with cached credentials.  Give that a go and see.
0
 
LVL 84

Expert Comment

by:oBdA
ID: 12089270
Don't get confused: The CachedLogonsCount value is the number of logons it *caches*, not the number of times a user is allowed to logon with cached information. So with a value of 10, the last 10 domain users having logged on will be able to use the machine offline.
Cached Logon Information
http://support.microsoft.com/?kbid=172931
0
 
LVL 40

Expert Comment

by:Fatal_Exception
ID: 13380511
Thanks..
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

FIPS stands for the Federal Information Processing Standardisation and FIPS 140-2 is a collection of standards that are generically associated with hardware and software cryptography. In most cases, people can refer to this as the method of encrypti…
I'm a big fan of Windows' offline folder caching and have used it on my laptops for over a decade.  One thing I don't like about it, however, is how difficult Microsoft has made it for the cache to be moved out of the Windows folder.  Here's how to …
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
In a recent question (https://www.experts-exchange.com/questions/29004105/Run-AutoHotkey-script-directly-from-Notepad.html) here at Experts Exchange, a member asked how to run an AutoHotkey script (.AHK) directly from Notepad++ (aka NPP). This video…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question