|
Posted by Steven L Umbach on October 24, 2007, 12:17 pm
If you were Registered and logged in, you could reply and use other advanced thread options
Steve
> Correct, cached credentials never expire.
>
> --
> Steve Riley
> steve.riley@microsoft.com
> http://blogs.technet.com/steriley
> http://www.protectyourwindowsnetwork.com
>
>
>> As far as I can tell cached credentials are good for a very long time and
>> don't know if there is an actual time limit. I have come across a user
>> that had a old laptop from work that was using them over a year after
>> being off the network connected to a domain controller.
>>
>> The value you see in security policy controls the number of domain users
>> that can have cached credentials on a domain computer and not the number
>> of times a domain user can logon with cached credentials. Of course if a
>> domain user connects to their network where a domain controller lives [or
>> through a VPN] and their password has been changed in Active Directory
>> they will not be able to access domain network resources with the cached
>> credentials that use the old password.
>>
>> Steve
>>
>>
>>> Hi I want to know how much time a credential of a user belonging a
>>> domain lasts in a computer without access to the domain controller?
>>>
>>> I know there is a configuration for saving the cache credentials for
>>> 10 users, but I want to know if there is other way besides putting the
>>> value of "number of previous logons to chache" to zero that allow me
>>> to control the time that a cached credential is valid
>>>
>>> thanks a lot
>>> Luis
>>>
>>
>>
| 
XML site map