Solved

What makes a domain login expire on machines not connected to the domain?

Posted on 2004-09-17
11
231 Views
Last Modified: 2010-03-18
Hi all,

I'm fairly new to networking and have recently setup a small Windows 2000 network.  I have a few users with laptops that work at home for a couple of days a week.  When they login in to their laptops at home, they login in using their network login, despite not being connected to our network - this has worked fine for the past year.

This morning however, I have a phone call from a user from home (who was in the office and therefore connected to the domain yesterday) saying that when she tries to login to her laptop, she is being told that 'The domain xxmyDomainxx is unavailble' and so she is unable to login.

I have talked her through logging in to her local account on her laptop and retrieved all of her settings BUT:

Does anyone know what causes this and is there any way to prevent it?

We have VPN access setup up for our users and I wondered if this would help but as she can't login in to he laptop to begin a VPN session, I don't see how that could help.

Any ideas anyone?

Thanks

Bob
0
Comment
Question by:BobFett
11 Comments
 

Expert Comment

by:D4n_
Comment Utility
There is a registry setting in XP and 2000 that specifies the number of logons to cache. If this is set to 0 users will not be able to do an 'Offline Logon'. It might be worth checking it.

Open Registry Editor by clicking Run on the Start Menu and type: REGEDIT

Browse to the following registry entry
HKEY_LOCAL_MACHINE >SOFTWARE >Microsoft >Windows NT >CurrentVersion >Winlogon >cachedlogonscount

Verify that the cachedlogonscount variable is set to something other than 0.
0
 
LVL 2

Author Comment

by:BobFett
Comment Utility
Hi D4n,

Thanks for your quick response - I got her to check and this is set to 10 and this was the first time she'd logged on since using the network.

Is this option always in effect?  I'm just curious as I always take my laptop on holiday with me and I must login in and out at least 40 times during a vacation but I never get locked out?  I'm pretty baffled!

Thanks

Bob
0
 
LVL 40

Accepted Solution

by:
Fatal_Exception earned 500 total points
Comment Utility
For servers, this policy is defined by default in Local Computer Policy and the default value is 10 logons.

For more info on this using your Domain Controller and Group Policy (you can also bring up the local Group Policy window using Start > Run > gpedit.msc (OK):

http://www.microsoft.com/windows2000/techinfo/reskit/en-us/default.asp?url=/windows2000/techinfo/reskit/en-us/gp/579.asp

0
 
LVL 2

Author Comment

by:BobFett
Comment Utility
Fatal Exception,

Thanks for that, I'll award points based on help - I'm still trying work out what could have caused this to happen this tim however, so I can prevent it happening in the future.  This users last login was connected to the domain so it shouldn't have happened at all.

Thanks

Bob
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 40

Expert Comment

by:Fatal_Exception
Comment Utility
Very true...  They had the requisite cache, so the only thing I can think of is that the profile was not available or it was corrupted when they tried to logon.  I would wait and let the user log back into the Domain Controller, then if it happens again, we will know.

Also, have you considered a router to router VPN for your organization.  This will allow your at home workers to log directly into your DC without dealing with cached credentials...  Just a thought.

FE
0
 
LVL 3

Expert Comment

by:Pasdargent
Comment Utility
Just my 2 cents, but I have experienced the same thing if someone takes a laptop home and they connect it to another/home network BEFORE attempting to login to the computer with cached credentials.  Give that a go and see.
0
 
LVL 82

Expert Comment

by:oBdA
Comment Utility
Don't get confused: The CachedLogonsCount value is the number of logons it *caches*, not the number of times a user is allowed to logon with cached information. So with a value of 10, the last 10 domain users having logged on will be able to use the machine offline.
Cached Logon Information
http://support.microsoft.com/?kbid=172931
0
 
LVL 40

Expert Comment

by:Fatal_Exception
Comment Utility
Thanks..
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Have you ever set up your wireless router at home or in the office to find that you little pop-up bubble in the bottom right-hand corner of Windows read "IP Conflict - One of more computers on the network have been assigned the following IP address"…
This article is in response to a question (http://www.experts-exchange.com/Networking/Network_Management/Network_Analysis/Q_28230497.html) here at Experts Exchange. The Original Poster (OP) requires a utility that will accept a list of IP addresses …
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now