Domain Laptop Cached User Credentials randomly no longer usable

Daisy Zhou 20,791 Reputation points Microsoft Vendor
2020-08-07T07:47:37.82+00:00

These days, thanks to the pandemic, we have many users working on their laptops from home (connecting to the domain through VPN once they log in). Extremely rarely (it's happened a handful of times in the past 3-4 months) we have a user who suddenly can't log in to their domain account using cached credentials. My instinct tells me it is related to our Interactive Logon policy limiting cached credentials to 1 account total. It has happened once to one of our senior network admins who assures me he never logged in with any other account, so I am not sure how the cached credentials are being replaced. I have read all over the place that cached credentials never expire, so I know that isn't the issue.
I am not sure what to do besides recommending to my boss that we change our cached credentials policy to save 2 accounts instead of 1. Has anyone else worked through a similar problem?

Source: https://social.technet.microsoft.com/Forums/windowsserver/en-US/afd994c3-9f3f-4478-93cf-03fc40074271/domain-laptop-cached-user-credentials-randomly-no-longer-usable?forum=winserversecurity


Accepted answer
  1. Hannah Xiong 6,256 Reputation points
    2020-08-07T07:52:10.58+00:00

    Hello,

    Thank you for posting in our TechNet forum.

    According to your description, we did not work through a similar problem. Logon information for domain accounts can be cached locally so that, if a domain controller cannot be contacted on subsequent logons, a user can still log on.

    It is suggested that we could change our cached credentials policy to save more accounts. The value of this policy setting indicates the number of users whose logon information the server caches locally. If the value is 10, the server caches logon information for 10 users. When an eleventh user logs on to the device, the server overwrites the oldest cached logon session.

    For more information, we could refer to:
    https://video2.skills-academy.com/en-us/windows/security/threat-protection/security-policy-settings/interactive-logon-number-of-previous-logons-to-cache-in-case-domain-controller-is-not-available

    For any question, please feel free to contact us.

    Best regards,
    Hannah Xiong
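
One way to check whether another account could have displaced the single cached entry, as an added example that is not part of the original thread: it reads the effective `CachedLogonsCount` value and lists the domain accounts with interactive-style logons in the Security log. It assumes successful-logon auditing (event 4624) is enabled, a 30-day window, and that logon types 2, 10 and 11 are the ones worth reviewing.

```powershell
# Added diagnostic sketch, not from the thread. Run elevated on the affected laptop.
$winlogon = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'
$limit    = [int](Get-ItemProperty -Path $winlogon -Name CachedLogonsCount).CachedLogonsCount

# Assumptions: 30-day window; logon types 2 (interactive), 10 (remote interactive)
# and 11 (logon that used cached credentials) are the ones worth reviewing.
$types = 2, 10, 11
$since = (Get-Date).AddDays(-30)

$filter = @{ LogName = 'Security'; Id = 4624; StartTime = $since }
$events = Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue

$logons = foreach ($e in $events) {
    # Flatten the named EventData fields of the 4624 record into a hashtable.
    $d = @{}
    foreach ($n in ([xml]$e.ToXml()).Event.EventData.Data) { $d[$n.Name] = $n.'#text' }

    # Keep account SIDs only (S-1-5-21-...), which skips DWM-n / UMFD-n service
    # sessions, and drop local accounts, whose domain field is the computer name.
    if ($types -contains [int]$d['LogonType'] -and
        $d['TargetUserSid'] -like 'S-1-5-21-*' -and
        $d['TargetDomainName'] -ne $env:COMPUTERNAME) {
        [pscustomobject]@{
            Account   = '{0}\{1}' -f $d['TargetDomainName'], $d['TargetUserName']
            LogonType = [int]$d['LogonType']
            Time      = $e.TimeCreated
        }
    }
}

# One row per account: how often, which logon types, first and last time seen.
$byAccount = $logons | Group-Object Account | ForEach-Object {
    $times = @($_.Group | Sort-Object Time)
    [pscustomobject]@{
        Account = $_.Name
        Logons  = $_.Count
        Types   = ($_.Group.LogonType | Sort-Object -Unique) -join ','
        First   = $times[0].Time
        Last    = $times[-1].Time
    }
}

"CachedLogonsCount = $limit; distinct domain accounts seen = $(@($byAccount).Count)"
$byAccount | Sort-Object Last | Format-Table -AutoSize
if (@($byAccount).Count -gt $limit) {
    Write-Warning 'More domain accounts logged on than the cache holds; the oldest entry would have been overwritten.'
}
```

A second account in the output with a logon time shortly before the user's failure points to an overwrite of the single cache slot; an empty or single-account result means the cause lies elsewhere.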
