question

DavidDawson-100 avatar image
0 Votes"
DavidDawson-100 asked SteveOravec-1877 commented

Cached logon not working

On one laptop we are seeing that cached credential don't work. We have DirectAccess set up so wherever they have an internet connection they should be able to log on, however, when this person doesn't have an internet connection because they're on the train or otherwise away from a fixed location they are offline. When they try to log on the see:

We can’t sign you with this credential because your domain isn’t available. Make sure your device is connected to your organization’s network and try again. If you previously signed in on this device with another credential, you can sign in with that credential.

I've checked Secpol.msc on this computer to confirm that the setting to allow cached credentials is set to the default. "Interactive logon: Number of previous logons to cache (in case domain controller is not available)" is set to 10.

She was logged onto the computer. She locked her computer and disconnected wifi and then tried to logon and it's not working. Is there somewhere else to look?

windows-active-directory
5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

3 Answers

DavidDawson-100 avatar image
0 Votes"
DavidDawson-100 answered

The computer is running Windows 10 Enterprise with the latest updates and is joined to the domain. Due to current issues, this person is working outside the office full time and never has any trouble getting to resources such as files via mapped drives.

5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

FanFan-MSFT avatar image
0 Votes"
FanFan-MSFT answered SteveOravec-1877 commented

Hi,
Firstly.i would suggest confirm the Registry key under
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\CachedLogonsCount type REG_SZ has the right value.

Then,make sure that the user had logged on to the computer when it was connected to the domain.

Or any other users had logged to this computer?Were the credentials working for other users.

Best Regards,

· 4
5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

SteveOravec-1877 avatar image SteveOravec-1877 ·

I am having the same issue with one domain user. At first was convinced it was an issue with OS - specific laptop (although only affecting this one particular user). Getting "The password is incorrect. Try Again" Once connected to domain, user can logon without issue. It is only one specific domain user, and has happened on two different laptops now, both domain joined and running Win10 Pro 21H1.

I've reformatted drive on one laptop (after trying everything else). Problem appeared resolved, then reappeared 5-10 days/attempts off domain. Had a spare slightly used different laptop so gave second laptop to user, after installing all programs fresh, exact same issue on second domain joined laptop after 5-10 attempts off domain.

Registry key above is set by AD policy and has correct value.

1 Vote 1 ·
FanFan-MSFT avatar image FanFan-MSFT ·

Hi,
Welcome to share your current situation if there are any updates.
Please feel free to let us know if you need further assistance.
 
Best Regards,

0 Votes 0 ·
FanFan-MSFT avatar image FanFan-MSFT ·

19284-image.png



0 Votes 0 ·
image.png (5.1 KiB)
AdamZeng-0420 avatar image AdamZeng-0420 ·

Hi, The registry key wasn't present and I then added the registry key in but this did not fix the issue. Any other solutions? Thanks

0 Votes 0 ·
G-6308 avatar image
1 Vote"
G-6308 answered

We had the same problem here, it turned out that on the laptop there was a local user with the same name as the domain user. We deleted the local user and the problem disappeared.

5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.