What makes a domain login expire on machines not connected to the domain?

Posted on 2004-09-17
Last Modified: 2010-03-18
Hi all,

I'm fairly new to networking and have recently setup a small Windows 2000 network.  I have a few users with laptops that work at home for a couple of days a week.  When they login in to their laptops at home, they login in using their network login, despite not being connected to our network - this has worked fine for the past year.

This morning however, I have a phone call from a user from home (who was in the office and therefore connected to the domain yesterday) saying that when she tries to login to her laptop, she is being told that 'The domain xxmyDomainxx is unavailble' and so she is unable to login.

I have talked her through logging in to her local account on her laptop and retrieved all of her settings BUT:

Does anyone know what causes this and is there any way to prevent it?

We have VPN access setup up for our users and I wondered if this would help but as she can't login in to he laptop to begin a VPN session, I don't see how that could help.

Any ideas anyone?


Question by:BobFett
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions

Expert Comment

ID: 12082462
There is a registry setting in XP and 2000 that specifies the number of logons to cache. If this is set to 0 users will not be able to do an 'Offline Logon'. It might be worth checking it.

Open Registry Editor by clicking Run on the Start Menu and type: REGEDIT

Browse to the following registry entry
HKEY_LOCAL_MACHINE >SOFTWARE >Microsoft >Windows NT >CurrentVersion >Winlogon >cachedlogonscount

Verify that the cachedlogonscount variable is set to something other than 0.

Author Comment

ID: 12082493
Hi D4n,

Thanks for your quick response - I got her to check and this is set to 10 and this was the first time she'd logged on since using the network.

Is this option always in effect?  I'm just curious as I always take my laptop on holiday with me and I must login in and out at least 40 times during a vacation but I never get locked out?  I'm pretty baffled!


LVL 40

Accepted Solution

Fatal_Exception earned 500 total points
ID: 12083645
For servers, this policy is defined by default in Local Computer Policy and the default value is 10 logons.

For more info on this using your Domain Controller and Group Policy (you can also bring up the local Group Policy window using Start > Run > gpedit.msc (OK):

NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!


Author Comment

ID: 12083837
Fatal Exception,

Thanks for that, I'll award points based on help - I'm still trying work out what could have caused this to happen this tim however, so I can prevent it happening in the future.  This users last login was connected to the domain so it shouldn't have happened at all.


LVL 40

Expert Comment

ID: 12084353
Very true...  They had the requisite cache, so the only thing I can think of is that the profile was not available or it was corrupted when they tried to logon.  I would wait and let the user log back into the Domain Controller, then if it happens again, we will know.

Also, have you considered a router to router VPN for your organization.  This will allow your at home workers to log directly into your DC without dealing with cached credentials...  Just a thought.


Expert Comment

ID: 12084983
Just my 2 cents, but I have experienced the same thing if someone takes a laptop home and they connect it to another/home network BEFORE attempting to login to the computer with cached credentials.  Give that a go and see.
LVL 85

Expert Comment

ID: 12089270
Don't get confused: The CachedLogonsCount value is the number of logons it *caches*, not the number of times a user is allowed to logon with cached information. So with a value of 10, the last 10 domain users having logged on will be able to use the machine offline.
Cached Logon Information
LVL 40

Expert Comment

ID: 13380511

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

We recently endured a series of broadcast storms that caused our ISP to shut us down for brief periods of time. After going through a multitude of tests, we determined that the issue was related to Intel NIC drivers on some new HP desktop computers …
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
This video Micro Tutorial shows how to password-protect PDF files with free software. Many software products can do this, such as Adobe Acrobat (but not Adobe Reader), Nuance PaperPort, and Nuance Power PDF, but they are not free products. This vide…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor ( Top Charts is a view in which you can set seve…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question