There's nothing specific to SBS that impacts the ability to log in with
cached credentials, and it should be enabled by default. In my
configuration, that "Interactive logon" setting you mention is not defined
in the Default Domain Policy (or anywhere else I can find in a GPO). It's
just set to the default of 10 in the local security policy on the
workstations. So if you're looking at the local security policies and
seeing it set to something other than 10, then someone either manually set
it that way, or at some point configured it with a policy (even if that
policy no longer exists).
I can't think of much that would cause logon with cached credentials to
fail, with the possible exception that if you changed the setting from not
defined and the user had not logged in since (while connected to the
domain). I would have the user connect the PC to the LAN and log in, then
check the system and app logs for any possibly relevant errors during
startup and login.
"DS" <> wrote in message
news:8dfe7$4af44cfc$4c0a9a5f$-Free...
>I got a call to setup a Vista Business laptop on a Windows Server 2003
>Small Business Server domain. I added the Vista Business laptop to the
>domain, and can login as both administrator and a regular domain user
>without issue when connected to the network.
>
> The issue is that the laptop needs to used in remote locations without
> network access (so a VPN connection to the domain is not an option). When
> it is disconnected, it seems that I can still logon as a domain
> administrator, but when I try logging in as a user that has used the
> laptop before (and thus their credentials should be cached), I get the
> error "There are currently no logon servers available to service the logon
> request." I thought this was a Group Policy / Domain Security Setting...
>
> I've checked both of the following:
> (Default Domain Security Settings)/Local Policies/Security
> Options/Interactive logon: Number of previous attempts to cache: (not
> defined) -- I tried setting this to 10, and performing a gpupdate /force
> /wait:-1, rebooting twice (just to ensure it sticks), but the issue
> persists.
>
> (Default Domain Security Settings)/Local Policies/Security
> Options/Interactive logon: Require Domain Controller authentication to
> unlock: (not defined) -- I tried setting it to disable, and repeating the
> gpupdate/reboot dance and it also had no effect.
>
> The policy is getting applied: the laptop does receive the policy (I've
> done a RSOP.MSC and a gpresult.exe). I've also checked the registry key
> HKLM\Software\Microsoft\WindowsNT\CurrentVersion\W inlogon and the key
> "cachedlogonscount" is at 10.
>
> I've also checked the resultant set of policy for a domain user and the
> system at issue on the server and see nothing that should prevent it from
> caching previous logons. I even went so far as to try my adding my own
> Vista Business workstation to their domain, and the same issue persists
> when it is disconnected. I tired it with an XP workstation, and the error
> I get is "The system cannot log you on now because the domain is not
> available."
>
> I posted this originally to the Group Policy TechCenter at MS, and after a
> bit of discusion, people there seem to think that it may not be GP
> afterall and may be a Small Business Server setting!
>
> Can someone please point me in the right direction? Thanks very much in
> advance.
>
>
|
Similar Threads
Linear Mode
