[problem] logon without users on the workstation

[Nepali]

i installed windows 2003 ent server with act. directory "DC=dserver.radius.com"

clients are windows 2000 and windows XP

i got a user created "demo" and "test" on active directory users and computer on staff organizational unit

For the first time i got logon to the domain with username "demo" it succedded to logon to the DC

but second time my DC is switched off (system is switched off) but also i am able to logon to the domain from the WKs computer with the same username "demo" to the same domain

the fact i don't have demo user created on the WKS system.

Is it possible to login to the the domain controller system without its existance on the network from the previously loggedon username.

how can we disable it.

i tried it on various WKS system,, all got same probmem.

i want a complete restriction: ie, domain users can't logon to the domain if it is not present on the network.

My problem is , the users created on the domain can easily logon to the domain from the WKS computer withour domain.

also i figured theres some folders created inside "documents and settings" with the username in local wks computer .

please help

[chilifrei64]

This is because windows will cache the password in the event that there is no domain controller available.

If you want to change this. You need to create a group policy for the domain and change the following setting

Open your group policy manager and create a new Group Policy and apply it to authenticated users in your workstations OU

Go to :

Computer Configuration-> Windows Settings -> Security Settings -> Local Policy -> Security Options -> Interactive Logon: Number of previous logons to cache(incase domain controller is not available)

Change this setting to 0

[Nepali]

thanks for the quick reply, i will give it a shot tomorrow as i am away rt now..

Few more things to ask still:

1. why does it take age to login to 2003 domain for windows XP (windows 2000 is very fast)

2. WKS documents and settings contains profile directory of all the users from domain controller ( how to disable to chache those)

3. why does windows 2003 + AD take 5 - 10 minutes to login ( i tired on many system)

4. will the cached profile get updated as soon as the DC is UP, (if i change some settings to that profile user on DC, will it get updated on that cached profile on WKS if my domain is UP)

5. how can i know how many clients can my OS handle.