Re: Cached credentials
- From: "Steven L Umbach" <n9rou@xxxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 23 Oct 2007 20:27:00 -0500
As far as I can tell cached credentials are good for a very long time and
don't know if there is an actual time limit. I have come across a user that
had a old laptop from work that was using them over a year after being off
the network connected to a domain controller.
The value you see in security policy controls the number of domain users
that can have cached credentials on a domain computer and not the number of
times a domain user can logon with cached credentials. Of course if a domain
user connects to their network where a domain controller lives [or through a
VPN] and their password has been changed in Active Directory they will not
be able to access domain network resources with the cached credentials that
use the old password.
Steve
"luissol" <luissol@xxxxxxxxx> wrote in message
news:1193101565.965955.179060@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Hi I want to know how much time a credential of a user belonging a
domain lasts in a computer without access to the domain controller?
I know there is a configuration for saving the cache credentials for
10 users, but I want to know if there is other way besides putting the
value of "number of previous logons to chache" to zero that allow me
to control the time that a cached credential is valid
thanks a lot
Luis
.
- Follow-Ups:
- Re: Cached credentials
- From: Steve Riley [MSFT]
- Re: Cached credentials
- References:
- Cached credentials
- From: luissol
- Cached credentials
- Prev by Date: Re: Cached credentials
- Next by Date: Re: How do you prevent workstations in a server 2003 domain from locki
- Previous by thread: Cached credentials
- Next by thread: Re: Cached credentials
- Index(es):
Relevant Pages
|
