Windows 10: Cached logons not allowing user to log on when domain controller unavailable

My laptop users are finding that they periodically cannot login when they are working remotely without connection to the domain controller. They receive the message "We can't sign you in with this credential because your domain isn't available..." The group policy has cached logons set to 10 and doesn't require connection to a domain controller.


I am finding that the cached logons are storing once per login not once per unique user so it could, theoretically, get eaten up by one user logging in 10 times, but since most of these laptops have only one user, I'm thinking that's not what's keeping them from logging in.


Any ideas on how to get these remote workers back into their computers without having to create separate local user profiles?

:)

 

How to reset Domain Users locally cached logon passwords

Dear All,

I am facing an issue that concerned with Domain Users locally cached logon passwords and how to reset it.

as simply sometimes I provide one of the remote sites IT Admins temporary accounts with elevated privileges to do some tasks and after that I disable or change the account password that I recently gave to them

but I found that after some time they log on using the old password while having same privileges by unplugging PCs from network and logging using the windows cached credentials and hence they can do what ever they want without permission.

So I need to know how can I reset the logging passwords that windows caches locally whenever a domain account logs on to a PC.

so I need that the next time any user uses the PC,it will ask him for the password and if he supplied an old one or supplied disabled account credits then PC denies logging for him,

taking in consideration that I do not need to disable the Password caching mode that is used by notebook users. so I need only to reset all cached logon passwords once and I can repeat the same whenever needed

 

Windows 10 after joining 2012 domain will not allow logon of domain users

So I have a new computer, recently upgraded from 10 home to 10 pro.

I join the computer to the 2012 r2 domain. it seems to join fine, I see that it is listed in the domain directory. however, no domain user is able to desktop logon on, it gives out a username or password incorrect message, even using the original joining
user account. it is happy to unjoin, even with administrative accounts that will not allow desktop logon.

I tried domain\user user@domain even domain.local versions of same and double checked caps lock to no avail.

noted a curious thing. when I look at the Settings>System>about instead of the normal three gray boxes one of which should say join a domain, I get this:

 

Question for some1 with windows domain knowledge

The cached mode allows a login to the local machine in the event that the domain server is unavailable. They will have access to everything on the local machine, but (obviusly) the server resources will be unavailable.

Since you have two servers, you should set them both up as domain controllers, so that if one goes away (for whatever reason), the other can still authenticate the users.