No announcement yet.

Password Caching

  • Filter
  • Time
  • Show
Clear All
new posts

  • Password Caching

    We are working to migrate our remaining users to AD. Our DC's are 2003r2, clients are all XP.

    We have 3 site in the city where the DC's are, all connected via MPLS links, where password caching works without issue.

    We also have 2 sites in another state, connected via MPLS links where password caching does not work. When the user is not connected to the network, the get the "System could not log you in, make sure domain and username are correct, and re-enter your password", or something to that affect.

    When I run RSOP on the laptop of the user who can't login unless connected to the network, I see the proper password caching, Computer Cofiguration > Interactive Logon:

    PolicySettingInteractive logon: Number of previous logons to cache (in case domain controller is not available) 10

    logonsInteractive logon: Require Domain Controller authentication to unlock workstation Disabled

    I also see the users' succesful logon's in event viewer on the DC, but when I have them disconnect the laptop, they get the error described above.

    I suspect something is being blocked by our firewall, but after quite a bit of googling, I can't find which service is used to cache passwords, and which ports/protocols need to be allowed on the firewall.

    Can someone point me in the right direction?


  • #2
    Re: Password Caching


    The issue was due to impatience. Even with the GPO settings showing in rsop data, the passwords were not caching, (GPO changes and testing both took place within 2 hours of each other). After the user logged in this morning, I had him log off, unplug from the network and viola! He can log in!