question

AligatorHereman avatar image
0 Votes"
AligatorHereman asked FanFan-MSFT commented

can't sign in because your domain is not available

Hi,

When trying to login with disabled wifi/ethernet, we getting error as in subject.

Would anyone know event viewer location for this message?

We have following policy set up (rsop.msc results from laptop) as number 4:

Computer Configuration > Windows Settings > Security Settings > Local Policies > Security Options > Interactive Logon: Number of Previous logons to cache

As per reference [1] we do not have this user part of Protected Group (SID S-1-5-21--525)

In some solutions it's asking to add DNS 8.8.8.8, which is not possible or required for us to use, thus will not try that.

Also some solutions suggesting to "Interactive Logon: Number of Previous logons to cache" to 0, which does not makes sense. As in other environment it is set to 10 and it works perfectly (user creds being cached).


[1] https://docs.microsoft.com/en-us/windows-server/security/credentials-protection-and-management/protected-users-security-group

windows-10-security
· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Based on your article have you checked the Event Viewer for the Applications and Services Logs\Microsoft\Windows\Authentication and see if there is any log related to this problem there?

0 Votes 0 ·

Hi,
Welcome to share your current situation if there are any updates.

Best Regards,

0 Votes 0 ·

1 Answer

FanFan-MSFT avatar image
0 Votes"
FanFan-MSFT answered FanFan-MSFT commented

Hi,
Computer Configuration > Windows Settings > Security Settings > Local Policies > Security Options > Interactive Logon: Number of Previous logons to cache value 4

After the following policy was set, did you login the user on the machine with the with the connection to DCs?
If not, the user will not be able to cache the credentials.

We have to logon the user with connected to the DCs to cache the credentials, then if disconnected with the domain, the cached credentials will be used.
If i misunderstand you, feel free to let me know.

Best Regards,

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.


Hi,


Just want to confirm the current situations.
If there's anything you'd like to know, don't hesitate to ask.

Best Regards,

0 Votes 0 ·