ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    [Help] Windows 10 lost AD profile [remote user]

    IT Discussion
    7
    33
    2.7k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      stess
      last edited by

      Hi guys :beer_mug:

      I posted this on spiceworks but apparently everyone is on vacation this week

      I have a user who took her laptop on a vacation. She normally work in office so we didn't setup VPN for her + she does not need access to our file server for her tasks while she is remote. This is not the first time she took her laptop with her, but this is the first time she was not able to login with her credential.

      alt text

      Have anyone ever seen this error before? We did not introduced any new GPO the past weeks and no major changes are made...especially on the OU her user account is in.

      Right now she's basically stranded. We gave her credential to local account we created for safe keeping (not admin) so she has something to do What might be the cause for this?

      Couple of things that might help are she's working off her phone hotspot, She has been on a vacation/remote for 2-3 weeks. She was able to log in with her domain account just last week.

      Any thoughts are appreciated.

      PS. Happy holidays to those taking PTO 😄

      1 Reply Last reply Reply Quote 1
      • D
        Dashrender
        last edited by

        Why did she choose other user? you normally only do that when trying to not log in as the last user. Are you sure she's typing in the same username/password as the last time she was on the domain?

        S 1 Reply Last reply Reply Quote 0
        • S
          stess @Dashrender
          last edited by

          @dashrender said in [Help] Windows 10 lost AD profile [remote user]:

          Why did she choose other user? you normally only do that when trying to not log in as the last user. Are you sure she's typing in the same username/password as the last time she was on the domain?

          I got this from a generic google search. I saw her typed in her credential and got the same message. I even try my credential and admin credential and got the same error message.

          1 Reply Last reply Reply Quote 0
          • B
            black3dynamite
            last edited by

            Sounds like the her cached user profile is not working correctly.

            S 1 Reply Last reply Reply Quote 1
            • S
              stess @black3dynamite
              last edited by

              @black3dynamite said in [Help] Windows 10 lost AD profile [remote user]:

              Sounds like the her cached user profile is not working correctly.

              I was told similarly from another post. But I am not sure what would be the cause.

              D 1 Reply Last reply Reply Quote 0
              • D
                Dashrender @stess
                last edited by

                @stess said in [Help] Windows 10 lost AD profile [remote user]:

                @black3dynamite said in [Help] Windows 10 lost AD profile [remote user]:

                Sounds like the her cached user profile is not working correctly.

                I was told similarly from another post. But I am not sure what would be the cause.

                Disk corruption.

                S 1 Reply Last reply Reply Quote 0
                • B
                  black3dynamite
                  last edited by

                  Interactive logon: Number of previous logons to cache

                  https://docs.microsoft.com/en-us/windows/device-security/security-policy-settings/interactive-logon-number-of-previous-logons-to-cache-in-case-domain-controller-is-not-available

                  Check to see if Protected Users is configured.

                  https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/manage/how-to-configure-protected-accounts

                  S 1 Reply Last reply Reply Quote 0
                  • S
                    stess @Dashrender
                    last edited by

                    @dashrender said in [Help] Windows 10 lost AD profile [remote user]:

                    @stess said in [Help] Windows 10 lost AD profile [remote user]:

                    @black3dynamite said in [Help] Windows 10 lost AD profile [remote user]:

                    Sounds like the her cached user profile is not working correctly.

                    I was told similarly from another post. But I am not sure what would be the cause.

                    Disk corruption.

                    That's a possibility. To note: it's a brand new laptop (2 months old) with decent spec.

                    1 Reply Last reply Reply Quote 0
                    • S
                      stess @black3dynamite
                      last edited by

                      @black3dynamite said in [Help] Windows 10 lost AD profile [remote user]:

                      Interactive logon: Number of previous logons to cache

                      https://docs.microsoft.com/en-us/windows/device-security/security-policy-settings/interactive-logon-number-of-previous-logons-to-cache-in-case-domain-controller-is-not-available

                      Check to see if Protected Users is configured.

                      https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/manage/how-to-configure-protected-accounts

                      I already checked protected user group. We do not have anyone/group in it.

                      I'll read about this logon cache.

                      B 1 Reply Last reply Reply Quote 0
                      • B
                        black3dynamite @stess
                        last edited by

                        @stess said in [Help] Windows 10 lost AD profile [remote user]:

                        @black3dynamite said in [Help] Windows 10 lost AD profile [remote user]:

                        Interactive logon: Number of previous logons to cache

                        https://docs.microsoft.com/en-us/windows/device-security/security-policy-settings/interactive-logon-number-of-previous-logons-to-cache-in-case-domain-controller-is-not-available

                        Check to see if Protected Users is configured.

                        https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/manage/how-to-configure-protected-accounts

                        I already checked protected user group. We do not have anyone/group in it.

                        I'll read about this logon cache.

                        It might just be easier if you setup VPN on her laptop and have her login.

                        S 1 Reply Last reply Reply Quote 1
                        • S
                          stess @black3dynamite
                          last edited by

                          @black3dynamite said in [Help] Windows 10 lost AD profile [remote user]:

                          @stess said in [Help] Windows 10 lost AD profile [remote user]:

                          @black3dynamite said in [Help] Windows 10 lost AD profile [remote user]:

                          Interactive logon: Number of previous logons to cache

                          https://docs.microsoft.com/en-us/windows/device-security/security-policy-settings/interactive-logon-number-of-previous-logons-to-cache-in-case-domain-controller-is-not-available

                          Check to see if Protected Users is configured.

                          https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/manage/how-to-configure-protected-accounts

                          I already checked protected user group. We do not have anyone/group in it.

                          I'll read about this logon cache.

                          It might just be easier if you setup VPN on her laptop and have her login.

                          That's already on the list. But my plate is full, and it's not that urgent. Just that I've never seen this issue before. Any I want to prevent it from happening... ever again.

                          1 Reply Last reply Reply Quote 0
                          • JaredBuschJ
                            JaredBusch
                            last edited by

                            Cached creds have expired.

                            Log in on the network.

                            S D 2 Replies Last reply Reply Quote 2
                            • S
                              stess @JaredBusch
                              last edited by

                              @jaredbusch said in [Help] Windows 10 lost AD profile [remote user]:

                              Cached creds have expired.

                              Log in on the network.

                              Anyway to prevent it from expiring? or extend the caching?

                              B JaredBuschJ 2 Replies Last reply Reply Quote 0
                              • B
                                black3dynamite @stess
                                last edited by black3dynamite

                                @stess said in [Help] Windows 10 lost AD profile [remote user]:

                                @jaredbusch said in [Help] Windows 10 lost AD profile [remote user]:

                                Cached creds have expired.

                                Log in on the network.

                                Anyway to prevent it from expiring? or extend the caching?

                                Increase the value. The max is 50.

                                S 1 Reply Last reply Reply Quote 0
                                • JaredBuschJ
                                  JaredBusch @stess
                                  last edited by

                                  @stess said in [Help] Windows 10 lost AD profile [remote user]:

                                  @jaredbusch said in [Help] Windows 10 lost AD profile [remote user]:

                                  Cached creds have expired.

                                  Log in on the network.

                                  Anyway to prevent it from expiring? or extend the caching?

                                  You can change domain settings related to this. But it has been years since I looked into it.

                                  It could be the machine credentials have expired and not user.

                                  Domain machines are not designed to be off the network forever.

                                  1 Reply Last reply Reply Quote 2
                                  • S
                                    stess @black3dynamite
                                    last edited by

                                    @black3dynamite said in [Help] Windows 10 lost AD profile [remote user]:

                                    @stess said in [Help] Windows 10 lost AD profile [remote user]:

                                    @jaredbusch said in [Help] Windows 10 lost AD profile [remote user]:

                                    Cached creds have expired.

                                    Log in on the network.

                                    Anyway to prevent it from expiring? or extend the caching?

                                    Increase the value. The max is 50.

                                    Are you referred to the "Interactive logon: Number of previous logons to cache (in case domain controller is not available)
                                    " ?

                                    @jaredbusch said in [Help] Windows 10 lost AD profile [remote user]:

                                    @stess said in [Help] Windows 10 lost AD profile [remote user]:

                                    @jaredbusch said in [Help] Windows 10 lost AD profile [remote user]:

                                    Cached creds have expired.

                                    Log in on the network.

                                    Anyway to prevent it from expiring? or extend the caching?

                                    You can change domain settings related to this. But it has been years since I looked into it.

                                    It could be the machine credentials have expired and not user.

                                    Domain machines are not designed to be off the network forever.

                                    Any keyword I can start off with? Especially the machine credentials setting.

                                    B 2 Replies Last reply Reply Quote 0
                                    • B
                                      black3dynamite @stess
                                      last edited by

                                      @stess said in [Help] Windows 10 lost AD profile [remote user]:

                                      Are you referred to the "Interactive logon: Number of previous logons to cache (in case domain controller is not available)
                                      " ?

                                      Yes.

                                      S 1 Reply Last reply Reply Quote 0
                                      • B
                                        black3dynamite @stess
                                        last edited by

                                        @stess said in [Help] Windows 10 lost AD profile [remote user]:

                                        @black3dynamite said in [Help] Windows 10 lost AD profile [remote user]:

                                        @stess said in [Help] Windows 10 lost AD profile [remote user]:

                                        @jaredbusch said in [Help] Windows 10 lost AD profile [remote user]:

                                        Cached creds have expired.

                                        Log in on the network.

                                        Anyway to prevent it from expiring? or extend the caching?

                                        Increase the value. The max is 50.

                                        Are you referred to the "Interactive logon: Number of previous logons to cache (in case domain controller is not available)
                                        " ?

                                        @jaredbusch said in [Help] Windows 10 lost AD profile [remote user]:

                                        @stess said in [Help] Windows 10 lost AD profile [remote user]:

                                        @jaredbusch said in [Help] Windows 10 lost AD profile [remote user]:

                                        Cached creds have expired.

                                        Log in on the network.

                                        Anyway to prevent it from expiring? or extend the caching?

                                        You can change domain settings related to this. But it has been years since I looked into it.

                                        It could be the machine credentials have expired and not user.

                                        Domain machines are not designed to be off the network forever.

                                        Any keyword I can start off with? Especially the machine credentials setting.

                                        https://docs.microsoft.com/en-us/windows/device-security/security-policy-settings/domain-member-maximum-machine-account-password-age

                                        1 Reply Last reply Reply Quote 0
                                        • S
                                          stess @black3dynamite
                                          last edited by

                                          @black3dynamite said in [Help] Windows 10 lost AD profile [remote user]:

                                          @stess said in [Help] Windows 10 lost AD profile [remote user]:

                                          Are you referred to the "Interactive logon: Number of previous logons to cache (in case domain controller is not available)
                                          " ?

                                          Yes.

                                          I just checked all the GPOs. We do not have this enabled. Should I enable it?

                                          B 1 Reply Last reply Reply Quote 0
                                          • D
                                            Dashrender @JaredBusch
                                            last edited by

                                            @jaredbusch said in [Help] Windows 10 lost AD profile [remote user]:

                                            Cached creds have expired.

                                            Log in on the network.

                                            They do that?
                                            I just today had a laptop come into the office that hasn't logged in over a year. In fact I had deleted the computer account too. While the PC was on the network, it refused to logon because there was no domain computer account, but once I disconnected the network, the cached creds worked just fine.

                                            1 Reply Last reply Reply Quote 0
                                            • 1
                                            • 2
                                            • 1 / 2
                                            • First post
                                              Last post