Forcing a logon to a domain if found

[wilsons935]

We have a number of laptop users (some are senior members of staff) who use their laptops in and out of the office. When outside they login locally.

We are finding that when the dock back into the office they are not remembering to change their login to the domain and they will just login locally. This causes problems with are group policies and SUS updates map drives etc.

Is there a way to force the laptop (XP) to prompt for a login to domain if one is found by windows at startup time. Obviously if no domain is found then they should be able to login locally.

Laptops are XP
Doimain is Windows 2000
Group Policies and Forced desktops / start menues are in use.

Any help/ideas appreciated.

Al Patch

 

[Grenage]

Not that I am aware of, but if they are not logged onto the domain they will not be able to access network drives surely?

 

[wilsons935]

That's true but at present the majority of our file and print sharing is controlled by Netware boxes and we use the windows boxes for authentication and user profiles group policy etc. The majority of thier applications are IP based to Email servers and Unix boxes.

Over time we are moving over to Windows to do the File and Print as well but for now they can survive without login to the Domain which is OK for them but not OK for me!

 

[Grenage]

I understand.

I can not think of a way for the domain to be chosen by default, in your position I would most likely use a security template to bring up a message before they log in. Something along the lines of "Please remember to log into the company domain when on the network!

 

[ap1612]

If your file and print servers on netware, are you using the novell client?
If you are then you can modify the novell client settings so that it doesnt keep the last login information and has it fixed to remember the domain. Unfortunatly this means that users will have to remember to change there settings everytime they are out the office.

 

[Micron1090]

If i remember correctly, Win2k has a caching system for logons. I used to take my laptop home, login as i normally do, then VPN into work. Your users should be able to boot up and login to the Windows side normally. If they can't, there are registry settings pertaining to caching accounts.

Have ya just tried booting one up and logging in normally? If so what's the message you're getting...

 

[Grenage]

If they can't, there are registry settings pertaining to caching accounts.

Good call. This is something else than can be specified using a local security template, I believe the default is to cache the last 2 logins.

 

[wilsons935]

Thanks for the feedback

We run Windows Client on the desktop (Used to use Novell Client but had way too many issues with it)

You all make good points. I have also seen laptops where the user was able to login using the domain credentials even when out of the office but for some reason our laptops do not allow this. Perhaps it is the cached login registry settings.

I will check the settings re cached logons and report back.

 

[Micron1090]

You can check HKLM\Software\Microsoft\WindowsNT\CurrentConfig\Winlogon

The key cachedlogonscount might help you, if that doesn't then my guess is there is something in the group policy or local securty policy that's stopping you.