Laptop Logins outside Domain

By calvinc ·
Hi All,

I'm trying to work out the best way for our company's laptop users (XP on Win2k3 network) to logon to their laptops off-network and still be able to view their normal cached domain profile.

I've tried this in two ways already. Neither of them are particularly satisfactory:

1. Create a local user on the laptop, and redirect the local account's profile to the cached domain account's profile, using the ProfileImagePath setting in registry.
Benefit: The user can logon locally as many times as they like
Problem: Because two accounts are pointing at the one profile, it often corrupts. this is a huge PITA

2. Don't create the local user. But change the "number of previous logons to cache" in Computer Management to the max value of 50.
Benefits: No corrupted profiles. No need to create a local account.
Problem: If out of office for more than a week, the user will surely run out of local logons (50).

I'm sure there's a really simple answer, but im having trouble finding it.



This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Answers

Collapse -

Does it really work that way?

by dryflies In reply to Laptop Logins outside Dom ...

I have my cached logins set to two for my domain and it does not seem to be a problem. with a value of two, then the last two profiles are cached and both Bill and Joe can log in detached.
Or am I missing something here? It works on my domain.
if this is helpful, tell TR

Collapse -

that would be really cool

by calvinc In reply to Does it really work that ...

Hi Dryflies.
Thanks for the reply.
If thats the case, then that'd be really cool. (i havent been a network admin for that long)
The microsoft kb article seems to imply that the number is related to the number of times a given user can log on to his/her cached profile, as opposed to the number of distinct user profiles that will be cached.

I've also had a couple of really embarrassing experiences where our remote guys havent been able to login because, i assumed, the number of off-network logins had run out.

About to go home, so i'll give it a try on monday and let you know. I'm definitely doing something wrong because it works for you - just cant work out what..


Collapse -

I'll check my group policy

by dryflies In reply to that would be really cool

according to the technote, it does work the way you originally described. I'll check my group policy to see if an override is available.

Collapse -

A closer look...

by cure1245 In reply to that would be really cool

The key to the technote is further down the page:

"Logon information for domain accounts can be cached locally so that, in the event a domain controller cannot be contacted on subsequent logons, a user can still log on. <b>This setting determines the number of unique users for which logon information is cached locally.</b>"

Kind of a dual message, but I think this how it really works.

Related Discussions

Related Forums