xy8088
asked on
Ensure domain users can login to their workstations when domain is unavailable
We have users using Windows XP sp2 on a Win2k3 domain. The users have regular domain user accounts that they use to log on to the system with.
Some of them are taking their systems with them to work from home. How can I ensure that they'll be able to login to their accounts from home where our domain will be unavailable.
I worry that when they try to log inthey will get an error saying that they canot login because "DomainXYZ is unavailable." I do not want to have to create new user accounts for them, I want them to be able to continue using their same accounts.
Some of them are taking their systems with them to work from home. How can I ensure that they'll be able to login to their accounts from home where our domain will be unavailable.
I worry that when they try to log inthey will get an error saying that they canot login because "DomainXYZ is unavailable." I do not want to have to create new user accounts for them, I want them to be able to continue using their same accounts.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
I made some typos sorry:-
The only limit is the number of USERS whose credentials are cached - 10 by default, but you can increase this to 50.
Note that it is the number of different USERS Once a user has logged on once while on the domain then the credentials are cached and can be used indefinately. There is NO LIMIT to the number of TIMES a user is allowed using cached credentials, just the number of different users whose credentials can be cached on each machine.
The only limit is the number of USERS whose credentials are cached - 10 by default, but you can increase this to 50.
Note that it is the number of different USERS Once a user has logged on once while on the domain then the credentials are cached and can be used indefinately. There is NO LIMIT to the number of TIMES a user is allowed using cached credentials, just the number of different users whose credentials can be cached on each machine.
ASKER
Correct but isn't there a limit to that? I believe that only works for 10 consecutive logins. You can go into gpedit.msc and change it to a maximum of 50 but thats that. Or maybe I am misunderstanding what this means in the policy editor:
Local Comp Policy > Comp Config > Windows Settings > Security Settings > Local Policies > Security Options > Interactive logon: Number of previous logons to cache (in case domain controller is not available)