I am trying to find a solution that forces cached credentials to expire on a device after (x) amount of time. What I want to achieve is for users to have the ability to log into a device (e.g. Win 8 tablet) with cached credentials while off the domain
for 30 days from the last time they connected to the domain. So, if the device has not contacted the domain in 30 days or more, they cannot log into the device without reconnecting to the domain. I know interactive logon can set a number of attempts,
but I want to set a time limit on how long a device is off domain before becoming locked. Maybe I am over looking a simple solution someplace, and making this more difficult than needed. Any ideas?? Thanks.
Cached credential on a client won’t expire by itself no matter how long it is unplugged from domain. The only setting that is available is how many cached credentials will remain. I found a script that might meet your needs. Please check:
Microsoft is conducting an online survey to understand your opinion of the Technet Web site. If you choose to participate, the online survey will be presented to you when you leave the Technet Web site.