Interactive logon: Number of previous logons to cache (in case domain controller is not available)

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

Interactive logon: Number of previous logons to cache (in case domain controller is not available)

Description

Determines the number of users who can have cached credentials on the computer.

All previous users' logon information is cached locally so that, in the event that a domain controller is unavailable during subsequent logon attempts, they are able to log on . If a domain controller is unavailable and a user's logon information is cached, the user is prompted with a message that reads as follows:

Windows cannot connect to a server to confirm your logon settings. You have been logged on using previously stored account information. If you changed your account information since you last logged on to this computer, those changes will not be reflected in this session.

If a domain controller is unavailable and a user's logon information is not cached, the user is prompted with this message:

The system cannot log you on now because the domain <DOMAIN_NAME> is not available.

In this policy setting, a value of 0 disables logon caching. Any value above 50 only caches 50 logon attempts.

Default: 10

Configuring this security setting

You can configure this security setting by opening the appropriate policy and expanding the console tree as such: Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\

For specific instructions about how to configure security policy settings, see Edit security settings on a Group Policy object.

For more information, see: