Nepali Posted July 19, 2007 Share Posted July 19, 2007 i installed windows 2003 ent server with act. directory "DC=dserver.radius.com"clients are windows 2000 and windows XPi got a user created "demo" and "test" on active directory users and computer on staff organizational unitFor the first time i got logon to the domain with username "demo" it succedded to logon to the DCbut second time my DC is switched off (system is switched off) but also i am able to logon to the domain from the WKs computer with the same username "demo" to the same domainthe fact i don't have demo user created on the WKS system.Is it possible to login to the the domain controller system without its existance on the network from the previously loggedon username.how can we disable it.i tried it on various WKS system,, all got same probmem.i want a complete restriction: ie, domain users can't logon to the domain if it is not present on the network.My problem is , the users created on the domain can easily logon to the domain from the WKS computer withour domain.also i figured theres some folders created inside "documents and settings" with the username in local wks computer .please help Link to comment Share on other sites More sharing options...
chilifrei64 Posted July 19, 2007 Share Posted July 19, 2007 This is because windows will cache the password in the event that there is no domain controller available. If you want to change this. You need to create a group policy for the domain and change the following settingOpen your group policy manager and create a new Group Policy and apply it to authenticated users in your workstations OUGo to :Computer Configuration-> Windows Settings -> Security Settings -> Local Policy -> Security Options -> Interactive Logon: Number of previous logons to cache(incase domain controller is not available)Change this setting to 0 Link to comment Share on other sites More sharing options...
Nepali Posted July 19, 2007 Author Share Posted July 19, 2007 thanks for the quick reply, i will give it a shot tomorrow as i am away rt now.. Few more things to ask still:1. why does it take age to login to 2003 domain for windows XP (windows 2000 is very fast)2. WKS documents and settings contains profile directory of all the users from domain controller ( how to disable to chache those)3. why does windows 2003 + AD take 5 - 10 minutes to login ( i tired on many system)4. will the cached profile get updated as soon as the DC is UP, (if i change some settings to that profile user on DC, will it get updated on that cached profile on WKS if my domain is UP)5. how can i know how many clients can my OS handle. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now