Have the following questions about what is working / what doesn't work when
peoples with Win XP SP2 clients logon to a Windows 2003 Server Network with
AD, but without a network connection, using the cached logon credentials.
1. Account lockout policies defined in the default domain controller GPO (or
default domain GPO) obviously doesn't work. A unauthorized user can try to
logon as many times as he want for guessing the users password. Is this
correct, and is there a workaround for this problem?
2. What happen when a user with the domain account is working a long time
abroad, without network connection, always using cached credentials, and the
password expires?
3. It seems that the user part of GPO's (the settings that where defined the
last time the user logged on to the network) will still be applied when the
user logs on with cached credentials. What about the machine part of the
GPO's?
Thanks all in advance for any help, or links to Microsoft documents
explaining these questions.
Franz
|
Similar Threads
Linear Mode
