R
Randy Bickford
Hi -
The situation has always been that once a user logs on to an NT/2K/XP
machine with a domain account, that user can remove the computer from the
network and still log on to the computer using cached creds.
Group Policy exposes the registry setting for this under Local Security
Policy in "Interactive Logon: Number of cached logons......". The default
number is 10. Ever since I first saw this in W2K, I wondered why our laptop
users can go away for months without connecting to our network yet are able
to logon more than 10 times without any failure. We're on an NT4 domain but
the Local Policy should still apply on our W2K and XP machines.
What's up with that? Not really a problem (just the opposite, in fact) but
I'm curious.
Thanks.
The situation has always been that once a user logs on to an NT/2K/XP
machine with a domain account, that user can remove the computer from the
network and still log on to the computer using cached creds.
Group Policy exposes the registry setting for this under Local Security
Policy in "Interactive Logon: Number of cached logons......". The default
number is 10. Ever since I first saw this in W2K, I wondered why our laptop
users can go away for months without connecting to our network yet are able
to logon more than 10 times without any failure. We're on an NT4 domain but
the Local Policy should still apply on our W2K and XP machines.
What's up with that? Not really a problem (just the opposite, in fact) but
I'm curious.
Thanks.