Force caching of credentials

G

Guest

I have a few users that have constant problems with cached crendentials when
trying to work offline. The GPO for the domain is setup to allow cached
credentials. But, they still find that there are situations when they try to
log on while off the network they receive, "the xx domain is not available."

Is there a utility or script that I can use to force the XP SP2 laptops to
force the caching of credentials at every shutdown or logoff? I know that it
is supposed to happen automattically, but this would be a safe guard against
it not happening.
 
D

David H. Lipman

From: "Mr. Grey" <[email protected]>

| When they try to login and it fails with the results that you describe
| are they connected to any broadband type connection? I ask because the
| XP system will sometimes try to find a domain if it sees a live network
| connection...it has been my experience that if you login to the computer
| then connect the network that you don't see this (and the logon
| processes much more rapidly, since it doesn't try to locate any DCs)
|
| There is probably a better way to do this, I'll research and let you know.
|
| Cheers,
| Mr. Grey
| Look, it's a sparrow
| http://www.redsphereglobal.com
|

I also would forward to such information. :)
 
D

David H. Lipman

From: "David H. Lipman" <[email protected]>

|>
| I also would forward to such information. :)
|

That came out like crap -- sorry.

I too look forward to such information.
 
M

Mr. Grey

When they try to login and it fails with the results that you describe
are they connected to any broadband type connection? I ask because the
XP system will sometimes try to find a domain if it sees a live network
connection...it has been my experience that if you login to the computer
then connect the network that you don't see this (and the logon
processes much more rapidly, since it doesn't try to locate any DCs)

There is probably a better way to do this, I'll research and let you know.

Cheers,
Mr. Grey
Look, it's a sparrow
http://www.redsphereglobal.com
 
G

Guest

Actually most, if not all, of them have wireless networks at home. With that
said, that means that the wireless profile has not made a connection to the
wireless network, but i am sure that the wireless card is starting to
negotiate with the wireless network.

But, most of the time there is no issue...it seems that the issue arises
once in a while, but it always occurs at some point.
 
M

Mr. Grey

Keith,

Here is the quick and dirty....generally when you receive the Domain XXX
not available after being successful one day and not the next means they
hit a DC with no GC, or they typed in the wrong passwrd and the client
went DC shopping to authenticate properly...but didn't find a DC and
thus produced the error....there is no GPO to "force caching"...you can
disable cashing in the GPO "this would override the default value of
cache the last 10 logins", but that is not the default option...

David,
I think that it's the flux capacitor, no?

Regards,
Mr. Grey
Select * from users where clue > 0;
0 records returned eh?
http://www.redsphereglobal.com
 
G

Guest

All of our Domain controllers are GCs. So for a user not to hit one during
log in is impossible. We do ahave a GPO that allows the client to cache the
last two users that have logged onto the client.

I know that there is no GPO to force caching. I am asking if there is a
utility or script that I can run on the client to make it contact a DC\GC and
cache the credentials locally on the client prior to shutdown or logoff. It
would be like a shutdown script...
 
H

Harry Johnston

Keith said:
I know that there is no GPO to force caching. I am asking if there is a
utility or script that I can run on the client to make it contact a DC\GC and
cache the credentials locally on the client prior to shutdown or logoff. It
would be like a shutdown script...
Click to expand...

Credentials are cached during the logon process. There isn't any way for them
to be cached at shutdown (the computer can't cache the password without knowing
what it is!) and I don't think there's an API to control the caching process,
e.g., to force a particular account to be kept in the cache or to store a
particular set of credentials. I can't be certain of that - there are so many
Windows APIs it's easy to miss one!
We do ahave a GPO that allows the client to cache the
last two users that have logged onto the client.
Click to expand...

I suggest you increase this number, at least back to the default value of 10. I
suspect this will eliminate or at least reduce the problems you are experiencing.

Harry.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

cached login credentials 11
synchronizing domain user Local cached credentials with domain (VP 4
Understanding Cached Credentials 8
Cached credentials not working 1
Cached Credentials - AD Group Memberships 2
Cached Credentials out of sync with Domain 0
Cached Credentials Password Change 3
Vista caching passwords causes domain account lockout... 5

Top