Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations TouchToneTommy on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Any way to use cached credentials on XP

Status
Not open for further replies.
Rockstar101

Rockstar101

MIS
Jan 11, 2008
67
US
Hello all,

Does anyone know anyway to use the cached credentials on XP machines which are part of a domain. The policy XP is set by default to keep the last 10 user log on but those cached credentials are only used if the domain controller cannot be located.

Is there anyway to force XP clients to use their cached credentials first and not go to the DC to authenticate?

Your suggests/anwers are appreciated!
 
Sort by date Sort by votes
Unplug the ethernet cable until after they login. Im interested in hearing why you would want to login cached when a DC is available. Im struggling to think of single situation where i would want that to happen.



RoadKi11

"This apparent fear reaction is typical, rather than try to solve technical problems technically, policy solutions are often chosen." - Fred Cohen
 
Upvote 0 Downvote
Uh, yeah. If there is no connection, the cached credentials are used unless you expressly forbid that via policy. Why would you want to use cached credentials when there is a connection to the DC? What's the use case? This doesn't sound right.

 
Upvote 0 Downvote
unplugging the cable would not work for me. The reason I would like to discover a method of logging in using cached credentials is because we are a restaurant company. We have a few hub and thousands of remote sites we communicate with over slow link connection.

We only have a hand full of users needing to log in to troubleshoot and they add to network traffic and/or experience slow log on times.

So that being said does anyone know of a way to use cached credentials on XP?

Thanks, I would love to hear any concerns or suggestions,

Thanks again guys!
 
Upvote 0 Downvote
As long as a user has logged on from that machine previously they can used cached credentials to log on every time, one thing to consider however is to make sure that you don't enforce periodic changes to passwords (ie don't enforce the GPO to change the passwords after a set time).

Simon

The real world is not about exam scores, it's about ability.

 
Upvote 0 Downvote
Not sure what to say, i dont know of any way to login cached when a DC is available except to pull the cable like i said. I can offer some tips inferred by my questions. You state you have "thousands" of sites, exactly how many is "thousands"? How many DC's do you have? I ask because if you only have 2 DC's, depending on how many "thousands" of users you have, the DC's could be overwhelmed causing your problems. If you have many DC's are they all GC's? Do you utilize sites and services? Are you utilizing roaming profiles? Are your GPO's "excessively" configured? Are you running any large or complicated logon/logoff scripts? Are your users accessing POS software and if so do they have to pull large database or config type files when they login? What are the WAN connections to the users, DSL, T1, cable, dialup? Why are they so slow, cant they be upgraded to something faster? Are you using VPN's? Are virus's and malware running rampant on your network affecting performance? Are your users streaming audio or video affecting performance? By trying to login cached it seems you are trying to avoid the real issue of infrastructure problems.


RoadKi11

"This apparent fear reaction is typical, rather than try to solve technical problems technically, policy solutions are often chosen." - Fred Cohen
 
Upvote 0 Downvote
Wow Roadki11, those are all good questions and to answer a few, we have a bit over 2000 sites running over vsat which has latency be default. We're tring to optimize things so using cached creds was one way to increase the logon speed. We do use IE maintenance policy which is heavily loaded so that's something else we're looking at.

Thanks for everyones help.
 
Upvote 0 Downvote
Rockstar101,

I assume this is basically the same as you started to ask in this thread;


Cached credentials can only be used when a DC is not available. Now you say 2000 sites, but how many PCs are there in total and how many domain controllers do you have? I'm assuming all domain controllers are at a central site, but how many are there? Give us an overview of your TCP/IP setup, are all branchs on their own subnet (I assume they are), but give us some examples and what is the IP configuration of the PCs in the remote sites? do they point to the domain controllers as their preferred DNS server? What are the hardware specs of the domain controllers? What servers do the domain controllers have listed as their preferred dns server?

Paul
MCSE 2003
MCSA 2003
MCITP Enterprise Administrator

If there are no stupid questions, then what kind of questions do stupid people ask? Do they get smart just in time to ask questions?
Scott Adams
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

DTGMI
  • Locked
  • Question
WIN 10 Pro PC & Adding back to our Network
Replies
0
Views
743
DTGMI
DTGMI
microsGuy16
  • Locked
  • Question
Can not copy files to Mapped drive
Replies
0
Views
923
microsGuy16
microsGuy16
penguinroundup
  • Locked
  • Question
programmatically delete all saved passwords for IE for any user
Replies
0
Views
399
penguinroundup
penguinroundup
DrB0b
  • Locked
  • Question
Hybrid on prem AD with Azure AD
Replies
2
Views
552
DrB0b
DrB0b
DrB0b
  • Locked
  • Question
Windows 2016 IIS FTP server with a ton of user accounts
Replies
4
Views
1K
DrB0b
DrB0b

Part and Inventory Search

Sponsor

Back
Top