

Great! And since AD passwords generally only change every 30-90 days this is a fantastic method to provide a great user experience in a highly mobile environment. So cached credentials allow users to access a machine even when no DC is available to authenticate the user. What is the Issue with Cached Credentials?

In this scenario, Windows uses the cached credentials from the last logon to log the user on locally and to allocate access to local computer resources. Then, the user takes the laptop to a location where the domain is unavailable. For example, suppose a mobile user uses a domain account to log on to a laptop that is joined to a domain. Because the user has already been authenticated, Windows uses the cached credentials to log the user on locally. Later, a user can log on to the computer by using the domain account, even if the domain controller that authenticated the user is unavailable. On Microsoft Active Directory environments, Cached credentials allow a user to access machine resources when a domain controller is unavailable.Īfter a successful domain logon, a form of the logon information is cached.

To totally unlock this section you need to Log-in
