Authentication Timeout

I have a small Win 2003 Server domain, workstations XP Pro SP2. It appears
that the authentication of my users in the domain expires after a certain
amount of time, at the most a few hours. For example, if a user logs on at 8
AM and leaves the session open until 6 PM without using the network, they
can no longer access resources in the domain 'Access denied... possible
security breech'... etc. If the user then logs out and logs back in
immediately, access is restored. Why is this happening? How can I prevent
this?

Thanks,
MN

"Mikey_N" <(E-Mail Removed)> wrote...
>I have a small Win 2003 Server domain, workstations XP Pro SP2. It appears
>that the authentication of my users in the >domain expires after a certain
>amount of time, at the most a few hours. For example, if a user logs on at
>8 AM and leaves the >session open until 6 PM without using the network,
>they can no longer access resources in the domain 'Access denied...
> >possible security breech'... etc. If the user then logs out and logs back
>in immediately, access is restored. Why is this >happening? How can I
>prevent this?

hmmmm......you said: "8AM and leaves the session open until 6 PM"
.......that is 10 hours. 10 hours is the default Kerberos policy maximum
lifetime for user ticket. Check your Event Viewer on the server for errors
and check the date of the NIC drivers on the server.

--
Todd J Heron, MCSE
Windows Server 2003/2000/NT; CCA
----------------------------------------------------------------------------
This posting is provided "as is" with no warranties and confers no rights

Thanks - our network engineer at the office also believes it is a Kerberos
ticket issue. I have not yet been able to test it.

--

Feel free to contact me with any questions or concerns.
________________________________________

MN @ Hzn
212-480-7000 x17
"Todd J Heron" <(E-Mail Removed)> wrote in message
news:e#(E-Mail Removed)...
> "Mikey_N" <(E-Mail Removed)> wrote...
> >I have a small Win 2003 Server domain, workstations XP Pro SP2. It
appears
> >that the authentication of my users in the >domain expires after a
certain
> >amount of time, at the most a few hours. For example, if a user logs on
at
> >8 AM and leaves the >session open until 6 PM without using the network,
> >they can no longer access resources in the domain 'Access denied...
> > >possible security breech'... etc. If the user then logs out and logs
back
> >in immediately, access is restored. Why is this >happening? How can I
> >prevent this?
>
> hmmmm......you said: "8AM and leaves the session open until 6 PM"
> ......that is 10 hours. 10 hours is the default Kerberos policy maximum
> lifetime for user ticket. Check your Event Viewer on the server for
errors
> and check the date of the NIC drivers on the server.
>
> --
> Todd J Heron, MCSE
> Windows Server 2003/2000/NT; CCA
> --------------------------------------------------------------------------
--
> This posting is provided "as is" with no warranties and confers no rights
>