locked
Windows 7 Client Cached Credentials RRS feed

  • Question

  • Hi all,

    In short, I encountered an issue today where a Windows 7 Client in a Server 2008 R2 Domain environment lost its network connection (someone pulled the cable out), but the user was still able to log into their domain account, obviously without any resources etc. Clients are set to save a copy of the users profile for 14 days, as the same user usually logs onto the same Client.

    Probably a dumb question, but how would I make it so that a network connection/domain authentication is required to be able to log in? I would ideally like to leave profile caching on, but just not the ability to log in with cached credentials.

    I'm guessing this is a group policy setting somewhere?

    Many Thanks,

    mctw1992

    Thursday, April 11, 2013 8:26 PM

Answers

  • Through a GPO you can change this at the location "Computer Config\Windows Settings\Security Settings\Local Policies\Security Options" and what you want to configure is option "Interactive Logon: Number of previous logons to cache (in case domain controller is not available)".  Set this to 0 and they won't have cached credentials anymore.

    Be kind and Mark as Answer if I helped.

    • Proposed as answer by Cloud_TS Monday, April 15, 2013 2:27 AM
    • Marked as answer by Cloud_TS Friday, April 26, 2013 2:51 AM
    Thursday, April 11, 2013 9:36 PM