Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Laptops and Domain - win2008 Std

Status
Not open for further replies.
brodeur30

brodeur30

Technical User
Apr 9, 2009
2
US
I need to setup a few laptops for a new network which runs a new domain using win2008 standard.

Once I join the laptops to the domain, I assume the user can take the laptop offsite and be able to login to the laptop with the domain credentials, correct?

Is there a time / day limit that their laptop login will work on the local laptop if they are not in the office? If so, how / where do I control it? SOme users will travel a lot, overseas as well, they will have VPN access through firewall software. Other users will be always attached to the LAN.

Please advise, thank you!
 
Sort by date Sort by votes
If the laptop is not connected to the domain, you will only be able to log in using either local accounts (non-domain accounts) or domain accounts that are cached locally. In order for the domain account to be cached that user has to log in with that account on that laptop while it is connected to the domain. Otherwise they won't be able to log in because there is no way for the domain to authenticate the account.

There is a new feature coming in Server 2008 R2 called DirectAccess that works similar to an always-on VPN that will allow you to authenticate remotely without using cached credentials, but it requires a certain amount of infrastructure to be set up in advance AND the client has to be Windows 7 (at least for now).

________________________________________
CompTIA A+, Network+, Server+, Security+
MCTS:Hyper-V
MCTS:System Center Virtual Machine Manager
MCSE:Security 2003
MCITP:Enterprise Administrator
 
Upvote 0 Downvote
The users will be able to login to the laptop offsite only after they have completed a successful domain logon. After this point they will be able to logon to the laptops using cached domain credentials, unless this feature has been specifically disabled. See the link below for detailed information on the logon process.

- How Interactive Logon Works


Cached Credentials
After a successful domain logon, information is cached; this means that later a user can log on to the computer with the domain account even if the domain controller that authenticated the user is not available. Because the user has already been authenticated, Windows uses the cached credentials to log the user on locally. For example, if a mobile user logs on to a portable computer that is a domain member with a domain account and then takes the portable computer to a location where the domain is unavailable, Windows will attempt to use the cached credentials from the last successful logon with a domain account to locally log on the user and allocate access to local computer resources.
Click to expand...


The password and account information for the cached credentials will not expire until the computer contacts the domain controller and renews the domain credential information. See the thread below for more information regarding this.

- Set cached domain credentials to never expire?

thread779-1401787



Joey
CCNA, MCSA 2003, MCP, A+, Network+, Wireless#
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

goombawaho
  • Locked
  • Question
Domain join from wifi connected laptop
Replies
4
Views
701
goombawaho
goombawaho
MattM1975
  • Locked
  • Question
Domain Admin Logon 1
Replies
2
Views
208
ADB100
ADB100
fredmartinmaine
  • Locked
  • Question
Domain Controller without DNS Server
Replies
4
Views
528
fredmartinmaine
fredmartinmaine
bechna
  • Locked
  • Question
Windows Server and VPN Setup
Replies
1
Views
167
DrB0b
DrB0b
froggy8
  • Locked
  • Question
cant add my windows 7 pc to my domain 1
Replies
3
Views
202
hairlessupportmonkey
hairlessupportmonkey

Part and Inventory Search

Sponsor

Back
Top