Hello!
How to transfer user data from Active Directory via VPN to the client computer to be able to log in to offline user data when there is no VPN connection? Thank you in advance :) Sorry for my English.
Hello!
How to transfer user data from Active Directory via VPN to the client computer to be able to log in to offline user data when there is no VPN connection? Thank you in advance :) Sorry for my English.
The user will likely need to make an active online logon in order to used cached logon.
--please don't forget to upvote and Accept as answer if the reply is helpful--
After the tests, if I log in online, after restarting I can log in only for the same user. How to make it possible for other cached users without being online?
How to make it possible for other cached users
Each user needs to have logged on once active online in order to used cached logon.
--please don't forget to upvote and Accept as answer if the reply is helpful--
If I log in to every user online, will I be able to log in to every cached user? Because from what I can see, I can only log in to the last user. Others have a message that the domain is offline. Can I get around this?
If I log in to every user online, will I be able to log in to every cached user?
For a given pc yes that's how it works. The cached credentials are on pc and do not roam with user.
--please don't forget to upvote and Accept as answer if the reply is helpful--
If I try to log in on another user, I see something like this:
"We cannot provide you with this credential as your domain is unavailable. Find out that this device is networked to your organization and again. If you have logged in to this device using this credential, you can proceed with the credential."
What can I do?
I've never seen that message. Might try disjoin / rejoin the problem pc to domain again.
--please don't forget to upvote and Accept as answer if the reply is helpful--
Hello,
You can Enable Windows Routing and Remote Access to allow dial-up connections or VPN connections, see how to do this below:
1) Click Start, point to Administrative Tools, then click Routing and Remote Access.
2) In the console directory, click Your_Server_Name.
3) In the lower right corner of the server icon next to Your_Server_Name , there is a circle that contains an arrow that indicates whether the Routing and Remote Access service is enabled or disabled:
a) If the circle contains a red arrow pointing down, the Routing and Remote Access service will not turn on.
b) If the circle contains a green arrow that points up, the Routing and Remote Access service will turn on.
4) If the Routing and Remote Access service is turned on and you want to reconfigure the server, you must disable the Routing and Remote Access service. To do this, follow these steps:
a) Right-click Your_Server_Name and click Disable Routing and Remote Access.
b) In the dialog box, click Yes.
5) Right-click Your_Server_Name and click Configure and Enable Routing and Remote Access to start the Routing and Remote Access Server Installation Wizard.
6) Click Next, click Remote Access (Dial Up or VPN) and click Next.
7) Click VPN or Dial-in, depending on the role you want to assign to this server.
8) Under How do you want IP addresses to be assigned to remote clients?, click Automatically or Within a specific range of addresses, then click Next. If you clicked automatically, go to step 9. If you clicked A specific range of addresses, follow these steps:
a) In the Address Range Assignment dialog, click New.
b) In the Start IP address box, type the first address in the range of IP addresses you want to use.
c) In the End IP address box, type the last address in the range of IP addresses you want to use, click OK, then click Next.
9) Click No, use Routing and Remote Access to authenticate connection requests, then click Next.
10) Click Finish to enable Routing and Remote Access service and configure the server as a Remote Access server.
Check the link below for Allow access to all users or individual users and check for workarounds.
Graciously,
Samuel
Hello,
In addition, I’d like to suggest you that
Please configure Domain controller GPO to maximum limit Number of previous logons to cache so that users can login without domain controller.
Also each user need to login to each PC to able to login offline on that computer.
I would suggest to setup VPN and one RODC if you have more users or more computers so that they can login seamlessly.
Please have a look below similar articals
https://docs.microsoft.com/en-us/troubleshoot/windows-server/user-profiles-and-logon/cached-domain-logon-information
If the reply was helpful, please don’t forget to upvote or accept as answer :)
Thanks,
PRAKASH T
Note 1:
As for the GPO, you only need to set it:
https://docs.microsoft.com/en-us/troubleshoot/windows-server/user-profiles-and-logon/cached-domain-logon-information
do I have to set anything else in gpmc.msc?
10 people are following this question.