Improve and reinforce salesforce training & adoption using WalkMe's digital adoption platform. Start saving on costly employee training by creating fast intuitive Walk-Thrus for Salesforce. Claim your Free Account Now
Course Of The Month
Become a Premium Member and unlock a new, free course in leading technologies each month.
Solved
Ensure domain users can login to their workstations when domain is unavailable
Posted on 2008-06-11
We have users using Windows XP sp2 on a Win2k3 domain. The users have regular domain user accounts that they use to log on to the system with.
Some of them are taking their systems with them to work from home. How can I ensure that they'll be able to login to their accounts from home where our domain will be unavailable.
I worry that when they try to log inthey will get an error saying that they canot login because "DomainXYZ is unavailable." I do not want to have to create new user accounts for them, I want them to be able to continue using their same accounts.
Some of them are taking their systems with them to work from home. How can I ensure that they'll be able to login to their accounts from home where our domain will be unavailable.
I worry that when they try to log inthey will get an error saying that they canot login because "DomainXYZ is unavailable." I do not want to have to create new user accounts for them, I want them to be able to continue using their same accounts.
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
2
- +1
5 Comments
As long as they've logged in at least once, their credentials will be cashed on the box. If the machine is unable to connect to the domain, Windows will simply checked these cashed credentials as the user logs in to see if the username/password match.
>>As long as they've logged in at least once, their credentials will be cashed on the box
Correct but isn't there a limit to that? I believe that only works for 10 consecutive logins. You can go into gpedit.msc and change it to a maximum of 50 but thats that. Or maybe I am misunderstanding what this means in the policy editor:
Local Comp Policy > Comp Config > Windows Settings > Security Settings > Local Policies > Security Options > Interactive logon: Number of previous logons to cache (in case domain controller is not available)
Correct but isn't there a limit to that? I believe that only works for 10 consecutive logins. You can go into gpedit.msc and change it to a maximum of 50 but thats that. Or maybe I am misunderstanding what this means in the policy editor:
Local Comp Policy > Comp Config > Windows Settings > Security Settings > Local Policies > Security Options > Interactive logon: Number of previous logons to cache (in case domain controller is not available)
they will never get this error on XP...... XP was created to be able to log into the machine, while away from the office.....
I have xp machines that have been off the domain for years that still log in OK. I think maybe those policies are for something else...
I have xp machines that have been off the domain for years that still log in OK. I think maybe those policies are for something else...
The only limit is the nukmber of users whose credentials are cached - 10 by default, but you can increase this to 50.
Note that it is the number od USERS, once a user has logged on once while on the domain then the cached credentials can be used indefinately, there is no limit to the number of TIMES a user is allowed using cached credentials
Note that it is the number od USERS, once a user has logged on once while on the domain then the cached credentials can be used indefinately, there is no limit to the number of TIMES a user is allowed using cached credentials
I made some typos sorry:-
The only limit is the number of USERS whose credentials are cached - 10 by default, but you can increase this to 50.
Note that it is the number of different USERS Once a user has logged on once while on the domain then the credentials are cached and can be used indefinately. There is NO LIMIT to the number of TIMES a user is allowed using cached credentials, just the number of different users whose credentials can be cached on each machine.
The only limit is the number of USERS whose credentials are cached - 10 by default, but you can increase this to 50.
Note that it is the number of different USERS Once a user has logged on once while on the domain then the credentials are cached and can be used indefinately. There is NO LIMIT to the number of TIMES a user is allowed using cached credentials, just the number of different users whose credentials can be cached on each machine.
Featured Post
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
Setting up a Microsoft WSUS update system is free relatively speaking if you have hard disk space and processor capacity.
However, WSUS can be a blessing and a curse. For example, there is nothing worse than approving updates and they just have…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
Two types of users will appreciate AOMEI Backupper Pro:
1 - Those with PCIe drives (and haven't found cloning software that works on them).
2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
This is my first video review of Microsoft Bookings, I will be doing a part two with a bit more information, but wanted to get this out to you folks.
Suggested Courses
Earn Certification
HTML5 Specialist - Certification
Free withPremium
Course of the Month4 days, 5 hours left to enroll
630 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.