• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 815
  • Last Modified:

How to login to client pc even if the Domain Controller broken down or shutdown

Hi All

          i have a question relating to the domain controller, if i have a pc which already joined to the domain, and if the DC shutdown, all of the client pc wont be able to login to the computer, is there any GPO i can modify even if the DC broken down, all the client pc still can able to login to the computer ? Thanks !
0
piaakit
Asked:
piaakit
1 Solution
 
Joseph OLoughlinIT Support SpecialistCommented:
Log in normally, unless cached credentials are disabled.  See (for example)
http://windowsitpro.com/windows/domain-credential-caching
0
 
Satish AutiSenior System AdministratorCommented:
You can login using credentials who already logged on that pc from cache. no new logins possible.
0
 
David Paris VicenteSystems and Comunications  Administrator Commented:
Hi,

Normally the user´s can log in to machines even if DC is down because Microsoft Windows caches previous users logon information locally so that they can log on if a logon server is unavailable during later logon attempts.

But for that the user´s had to logon in that machine at least once, before the DC is down or the logon will failed.
In case a user had made some changes in his account information's since the last logon, this will no be reflected in that session.

You can configure this security setting by opening the appropriate policy and expanding the console tree as such: Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\

For windows 2008 the default value of the cachedlogonscount registry entry has changed from 10 to 25.

That setting is controlled by the following key:
   HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\Current Version\Winlogon\ 

   ValueName: CachedLogonsCount
   Data Type: REG_SZ
   Values: 0 - 50

Open in new window


The other way is with local user accounts.

Hope this helps.

Regards
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Tackle projects and never again get stuck behind a technical roadblock.
Join Now