DIY: Cache credentials on a domained PC

In response to a reader's question, Jack Wallen devised a trick for caching credentials on a domained and VPNed PC when the VPN isn't available.

A TechRepublic member emailed me about a situation that arose in which a machine was on a domain but could only get to the domain when connected to the VPN. The reader could log on as the domain administrator but not the regular user because the domain admin had his credentials cached on the machine. It turns out the VPN wasn't set up. The other problem was that the user isn't always going to be on the domain or on a network.

My answer is that the credentials need to be cached; otherwise, the user won't be able to log in when he is not on the domain. But how can this be done when the machine is not currently on the domain or the VPN? I came up with a nifty little trick to get those precious credentials cached.

Before following my instructions, you need to consider these requirements in order for the trick to work: The domain admin credentials must have been previously cached on the computer. With the credentials cached, it is possible to log on to the machine.

  1. Log on and connect the VPN so the user can be authenticated.
  2. Navigate through the Start Menu to Notepad, hold down the Shift key, and right-click the Notepad entry.
  3. Select Run As Different User from the drop-down list.
  4. Enter the domain credentials for that user.
  5. Create a dummy file in Notepad and save the file.
  6. Log out as the domain admin.
  7. Log in with the user using the domain credentials.

You should be able to log in as that user without having to be on the domain or the VPN. I highly recommend you set up that user so the VPN comes up at boot. If this is not possible, you should make sure the credentials are cached.

Working on a domained environment can be both a blessing and a curse. For the most part, it will make life much easier, but when problems arise, brace yourself for a challenge.

Ask Jack: If you have a DIY question, email it to me, and I'll do my best to answer it. (Read guidelines about submitting DIY questions.)