Cached vs. Domain Login?

[Guest]

What utility or syntax at a CMD prompt can I use at my workstation to tell if
I'm logging in locally or in a cached mode. In other words, I want to prove
to myself that I'm really being authenticated for resources on my network by
my Active Directory domain controller for privileges or use of objects on my
network while sitting at my workstation. I want to confirm that I'm not
simply logging in based on cached account information on my workstation since
I'm not really communication with the AD domain controller. This would prove
to my LAN Admin why I’m unable to use printers, shares etc. Yes, I’m able to
login using my ID and password but it may be cached on my workstation and not
happening at the AD domain controller.

Thanks for your help!

 

[Jeff Whitehead]

You can reference the environment variable %logonserver%
If you log in properly (i.e. on the network) then this will be set to the
name of the DC which authenticated your login.
Otherwise (i.e. if using cached credentials) I think this is set to your
local machine name.

If this is true, you could use something like the following:

if %logonserver%==\\%computername% echo Cached Credentials

(note you need the '\\' before the computername because %logonserver% is a
UNC name whereas %computername% is not.

Alternaitvely, just echo each of the variables.

Hope this helps,

Jeff.