I have a number of users with Windows laptops on a Windows domain that are often not able to connect to the domain network to log in. I initially set up their machine, log them in, set up their profile and it works fine for a while – 2 weeks or so I believe.
However, unless they are able to plug in to the network to reach the domain controller, they eventually are unable to log in to their machine.
I like this, but for certain specific users it would be nice to allow them to continue to log in either for a much longer time frame or indefinitely.
I know I can create a local user on the computer for the user, but are there any other options? For example, what if I create a restricted group to make the user a local admin in active directory – would that work and prevent this timeout period?
Or, possibly I can do something on the local machine? Maybe there is a way to specify the timeout for the user or machine in AD?
Best Answer
I think what's happening is that the machine password is expiring. Check out this link:
http://technet.microsoft.com/en-us/library/cc781050%28WS.10%29.aspx