Interactive logon: Number of previous logons to cache (in case domain controller is not available)
ID: oval:org.secpod.oval:def:22461 | Date: (C)2015-01-07 (M)2023-07-14 | Class: COMPLIANCE | Family: windows
Each unique user's logon information is cached locally so that the user can still log on if a domain controller is unavailable during subsequent logon attempts. The cached logon information is stored from the previous logon session. If a domain controller is unavailable and a user's logon information is not cached, the user is prompted with this message:
There are currently no logon servers available to service the logon request.
In this policy setting, a value of 0 disables logon caching. Any value above 50 caches only 50 logon attempts. Windows supports a maximum of 50 cache entries, and the number of entries consumed per user depends on the credential. For example, a maximum of 50 unique password user accounts can be cached on a Windows system, but only 25 smart card user accounts can be cached because both the password information and the smart card information are stored. When a user with cached logon information logs on again, the user's individual cached information is replaced.
Default:
Windows Server 2008: 25
All Other Versions: 10
Fix:
(1) GPO: Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options!Interactive logon: Number of previous logons to cache (in case domain controller is not available)
(2) REG: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon!cachedlogonscount
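The following PowerShell is an added example, not part of the OVAL definition or of Microsoft's documentation. It reads the registry value named in the Fix section and applies the rules stated above (0 disables caching, values above 50 are treated as 50, and an absent value falls back to the OS default). The function name `Test-CachedLogonsCount` and the `-MaxAllowed` baseline are assumptions, since this page does not state a required value.

```powershell
# Added example: audit the cached-logon count described above.
# -MaxAllowed is an assumed site baseline; this page does not state a required value.
function Test-CachedLogonsCount {
    param(
        [Parameter(Mandatory)][ValidateRange(0, 50)][int]$MaxAllowed,
        # Registry location from the Fix section above.
        [string]$Path = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'
    )

    # The value may be absent when the policy was never configured.
    $item = Get-ItemProperty -Path $Path -Name 'cachedlogonscount' -ErrorAction SilentlyContinue
    $raw  = if ($item) { $item.cachedlogonscount } else { $null }

    $result = [ordered]@{
        Configured = $raw      # value exactly as stored in the registry
        Effective  = $null     # value after applying the 50-entry ceiling
        State      = $null
        Compliant  = $false
    }

    $n = 0
    if ($null -eq $raw) {
        # Value absent: the OS default applies (25 on Windows Server 2008, 10 elsewhere).
        $result.State = 'NotConfigured'
    }
    elseif (-not [int]::TryParse([string]$raw, [ref]$n) -or $n -lt 0) {
        # Non-numeric or negative data cannot be evaluated against the baseline.
        $result.State = 'Invalid'
    }
    else {
        # Any value above 50 only caches 50 logons; 0 disables caching entirely.
        $result.Effective = [Math]::Min($n, 50)
        $result.State     = if ($n -eq 0) { 'CachingDisabled' } else { 'CachingEnabled' }
        $result.Compliant = $result.Effective -le $MaxAllowed
    }
    [pscustomobject]$result
}

# Constructed usage: 2 is a sample baseline, not a value taken from this page.
Test-CachedLogonsCount -MaxAllowed 2
```

A `NotConfigured` result is reported as non-compliant because the effective value then depends on the OS default rather than on an explicit setting.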
Platform: Microsoft Windows 8.1