Cached Credential Issue After Locking
Most laptops are fine with this issue. But with a couple of them, when they lock their laptop and take it out of the network, they are not able to login. It complains about no logon servers. However, if they restart the laptop, they are
able to login fine using cached cred. I tried taking the laptop out of the domain and readding it back in. Is there a solution to this problem instead of just shutting down.
April 24th, 2012 12:51pm
Hi,
Regarding the issue, please try the following suggestions.
1. Perform a clean boot and disable your security software temporarily for a test.
2.
Remove the cached credentials.
3. Modify the following registry, adjust the value to 20 or 30. Before changing it, please backup it first.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
Setting Name: CachedLogonsCount
Data Type: REG_SZ
Value: Default value = 10 decimal, max value = 50 decimal, minimum value = 1 decimal
Meanwhile, I would like to share the following articles with you. Hope it helps.
Err Msg: There are Currently No Logon Servers Available...
http://support.microsoft.com/kb/139410
Error message when you try to log on to a Windows Server 2008-based RODC: "There are currently no logon servers available to service the logon request"
http://support.microsoft.com/kb/949048Niki Han
TechNet Community Support
Free Windows Admin Tool Kit Click here and download it now
April 26th, 2012 3:04am
1. Performing a clean boot will always allow the user to login through cached credentials or connected to the network.
From the looks of it, it looks like the laptop thinks it is still in the domain, even though it is not.
2. Cached credentials do work. However, it works after a clean reboot.
3. I don't think increasing cached logon will do anything. It is not like it is getting locked out because the count is at zero.
May 1st, 2012 12:59pm
If this setting is enabled in your group policy that could explain why the laptops are looking for domain controller for authentications and giving you an error.
http://technet.microsoft.com/en-us/library/cc779612(v=ws.10).aspx
Interactive logon: Require Domain Controller authentication to unlock workstation
Free Windows Admin Tool Kit Click here and download it now
May 1st, 2012 1:23pm
If this setting is enabled in your group policy that could explain why the laptops are looking for domain controller for authentications and giving you an error.
http://technet.microsoft.com/en-us/library/cc779612(v=ws.10).aspx
Interactive logon: Require Domain Controller authentication to unlock workstation
May 1st, 2012 8:18pm
Hi,
If the issue doesn't occur in clean boot, you can enable half of the services or half of the startup items to narrow down the root cause.
Niki Han
TechNet Community Support
Free Windows Admin Tool Kit Click here and download it now
May 2nd, 2012 4:28am
Hi,
If the issue doesn't occur in clean boot, you can enable half of the services or half of the startup items to narrow down the root cause.
Niki Han
TechNet Community Support
May 2nd, 2012 11:24am