Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 637
  • Last Modified:

Cached Login Credentials not Working..cannot log into domain when not attached to Network...

Hi,

I have a client with a small lan, running windows 2003 server with AD...

The MD has a Sony laptop that connects to the network via a built in 802.11b Network Card... eveything works perfectly when connected to the network.

When the laptop is removed from the network (the user takes it home / turn off the WiFi AP) you can no longer log into the domain, if you try it gives the following error message :

"The system cannot log you on now because the domain <DOMAIN_NAME> is not available"

Having the user log into a local profile is not an option as he needs access to the files stored in the network user profile.

I know this should work (my personal laptop Caches my credentials and allows me to log on when not in the office, and so does every other laptop I have ever seen)...

I have tried changing the following Reg key, but it has made no difference :

   HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\Current Version\Winlogon\

   ValueName: CachedLogonsCount
   Data Type: REG_SZ
   Values: 0 - 50 (now set at 50)

I have also installed SP2, still no difference.. I have also removed the laptop from the domain (made up a fake workgroup then joined the domain again)...still no difference...

I have also reset the passwords for all the accounts that use this computer... still no change...

I have also checked the domain policy on the server and the above Reg Key is also set to 50... still no change...

ANYONE... PLEASE... this is doing my head in!

Cheers,

Adam Harling.
0
Netitude
Asked:
Netitude
  • 7
  • 4
1 Solution
 
NetitudeAuthor Commented:
Sorry should mention that the laptop is obviosly running XP Pro...
0
 
SunshineVKCommented:
Pls can u check on the following policies
Policy => Computer Configuration => Windows Settings ==> Security Settings => Local Policies => User Rights Assignment
Allow log on locally
Policy => Computer Configuration => Windows Settings ==> Security Settings => Local Policies => Security Options
Interactive logon : No of previous logons to cache (in case domain controller is not avaliable)
Interactive Logon : Require Domain Controller Authentication to unlock workstation

Pls let me know if my suggestions were of some help.
0
 
NetitudeAuthor Commented:
Where would I find this policy - in the security policy editor on the W2003 server?
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
SunshineVKCommented:
The best way to administer Group Policies would be to install Group Policy management Console (it a MS product.)
Secondly u need to look at the
(1)Default Domain Policy
(2) Defalut Domain Controller Policy.
(3) Machine local security Policy
(4) Also u need to check any other group policies if they have been implemenmented.

What i would suggest is download winpolicies.exe (again a a MS product). Execute it on the Win XP client. Then u will come to know which all policies are being implemented on the client & then u can look at the options posted above in those specific policies only.

Pls let me know if the above suggestion is of any help.

0
 
NetitudeAuthor Commented:
Hi,

Thanks for the responses...

I have checked the above policies..

Allow logon Locallay is enabled for all the suers and groups
Interactive logon : No of previous logons to cache (in case domain controller is not avaliable) is set to 10 (domain policy)
Interactive Logon : Require Domain Controller Authentication to unlock workstation is set to disabled (domain policy)

Any other ideas???

Cheers,

Many thanks for the help so far.

Adam.
0
 
SunshineVKCommented:
You can try doing a RSop for that laptop to know what exact value is being set on the client laptop.
I am assuming that the OS on the laptop is XP? is the Firewall truned on.
Also can u check by having the user logon to any other laptop in offlien as well as in online mode?
0
 
NetitudeAuthor Commented:
Hi again,

What's RSop?

The Laptop is XP Pro SP2, Firewall is indeed turned on...

I have tried other machines, logged on, logged off, pulled the cable out, logged on, works perfectly as it should...

Also... I downloaded the windows resource kit, and ran winpolicies.exe, still cant see anything in there that shows anything different to what I have already found (i.e. everything policy wise looks as it should)..

From my experimentation with the other PCs I know this MUST be a local security policy / registry problem...just wish I could find it!

Sony Support suggested I format the hard drive and re-install... if this was anyone other than the MD that might be an option...just can't afford to take his laptop away for that long...

Thanks very much with your help so far SunshineVK, your a star, any more ideas????

Cheers,
Adam.
0
 
NetitudeAuthor Commented:
Ps... Founf Rsop... will give that a go...
0
 
SunshineVKCommented:
Few more suggestions :
(1) Remove the laptop from the domain & readd it
(2) Take a backup of the all local profile
(3) Delete all the local profiles
(4) Log off & logon agin

Pls let me know if it works.
0
 
NetitudeAuthor Commented:
Hi,

I have had to return the user to a local profile, and he is now accessing the network ad-hock... not ideal.. I have had to do this as he has taken the laptop home for a long weekend (wish my long weekends started on a thursday!)

I think I have resigned myself to formatting the bloody thing and re-installing XP... that way It'll defo work...

When I get it back I'll come back on here and give you an update..

Cheers,

Adam.
0
 
NetitudeAuthor Commented:
Formatted the Hard Drive and reinstalled.. working now.. cheers for all the help.. I think the points should go to SunshineVK

Cheers,

Adam.
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

  • 7
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now