Results 1 to 6 of 6
  1. #1
    3 Star Lounger
    Join Date
    Dec 2001
    Location
    Atlanta, Georgia, USA
    Posts
    276
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Question Windows cached password question

    Hi all. I have a Windows 7 laptop that's a member of a Windows domain. The person using this laptop can obviously log into it with his domain credentials (domainname\username and then his domain account password) when he's connected to the network or not. What I'm wondering is if there's a time limit set on how long that password will be cached locally. This laptop may not connect directly to our network for 6 months or more. What I'm worried about is if one day in a few weeks he'll attempt to log into the laptop with his domain credentials and be told he can't because he's not connected to the domain. Any idea on how long that password is cached for?

  2. #2
    WS Lounge VIP
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    8,172
    Thanks
    47
    Thanked 981 Times in 911 Posts
    There is no time limit. Once authenticated you remian authenticated - unless you re-connect to the network.

    cheers, Paul

  3. #3
    3 Star Lounger
    Join Date
    Dec 2001
    Location
    Atlanta, Georgia, USA
    Posts
    276
    Thanks
    0
    Thanked 0 Times in 0 Posts
    That's good to know. Here's an added question. If he connects back to our corporate network via the Juniper SSL VPN solution we use will that sync up his password on his desktop? In other words, his password will change every 3 months. He'll be spending 3 days on site and 2 days off site every week for the foreseeable future. The laptop will remain off site, however, and he doesn't want to have to bring it back with him every so often if at all possible. He just wants to leave it at its other location off network. So while he's in the office let's say his password expires and he changes it. Now he goes to his off site location, logs into his laptop using his old password and then connects to the corporate network via the Juniper SSL VPN, using his newly changed password of course, will that mess with his locally cached domain password?

  4. #4
    WS Lounge VIP
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    8,172
    Thanks
    47
    Thanked 981 Times in 911 Posts
    I don't know that particular VPN solution, but the standard mechanism is for the password to be left alone - you might be connecting to a network that has nothing to do with the laptop. Doing this will require 2 passwords, one for the laptop and one for the VPN connection.

    cheers, Paul

  5. #5
    New Lounger redearl's Avatar
    Join Date
    Sep 2004
    Location
    Iowa
    Posts
    6
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Windows it's self has a built in password that the PC uses to log into the DOMAIN, and it has an expiration time frame just like a user account.
    If the PC, is not connected to the network/domain before the PC password expires, windows will not authenticate with the domain, and he will have authenication issues.
    IF the VPN is setup correctly, it should pass the domain info thru, and all should be well.
    Get with your Network/secutity team to verify the configuration.

  6. #6
    WS Lounge VIP
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    8,172
    Thanks
    47
    Thanked 981 Times in 911 Posts
    The machine password is changed every 7 days by default, but it's expiry will not prevent the machine connecting to the domain - the machine will connect and then the password will be changed. Disabling the machine account will stop logon, but this does not occur unless you do it manually - lots of places automatically disable accounts not used for X days as part of normal admin processes.

    cheers, Paul

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •