Cached credentials are not working on the lock screen (Windows 7)
Hello all,
We are having a difficult time trying to troubleshoot a problem with credential caching seemingly not working on the lock screen for our laptop users. Users are instructed to logon to the laptop while connected to the domain to cache their credentials. The user then leaves the network, and is able to log in to the laptop using cached credentials. The laptop locks either due to a manual lock, or due to an inactivity timer. The user tries to relog and is presented with the error “no logon servers available to service the request.” Users are reporting the problem from both home and public networks. We have been able to recreate the issue by logging on the laptop while in the office and setting our internal wireless network to manually connect, and then simply clicking start > shutdown arrow > lock. Many users have reported that they were able to get back into the laptop after a hard shut down, but would be unable to log in again if they returned to the lock screen. One user has reported that selecting other credentials > switch user > other user while on the lock screen and then entering in his DC credentials would allow him to get back into the laptop. I was unable to recreate this workaround on our test machine. I also tried to logon using the switch user account with the “.\username” method to see if that would look for cached credentials. One user has reported that he was unable to hard shut down the computer to get back in. He also reported that he tried to pull the battery and give it time before trying again.
We have set the value for “Interactive logon: Number of previous logons to cache” to 50. The status of “Interactive Logon: Require Domain Controller to unlock workstation” is disabled. We have tried to turn the Wi-Fi switch off and then back on while on the lock screen. Error logs that we think are related to the problem include – Event ID:5719, NETLOGON and Event ID:4343, NlaSvc error 0x4C6 and error 0x51
I have a slightly sinking feeling it has something to do with NLA thinking that they are connected to a domain while on the lock screen, but this is pure speculation. Thanks for reading my post and any potential solutions are greatly appreciated!
-
I have had this issue only once thankfully. on a PC not a laptop, in a place with very bad DNS. In this case someone had swiped the cable, put it back in no joy. 5 minutes later ... joy. Are your machines dropping a network connection?? - Badger 10 years ago
-
They don't appear to be dropping a connection. I ran wireshark on the wireless interface, and would lock the laptop to induce the problem hoping that I would be able to collect some data points. Traffic was still moving from the laptop to the guest network, so I was able to kinda rule out any chance that the NIC was just falling asleep and causing issues. - Jhogue 10 years ago
Answers (1)
Comments:
-
There are no drive mappings on the laptops, and they are using roaming profiles. I have looked in the event logs the main entries that I noticed were the NETLOGON Event ID:5719 and NlaSvc Event ID:4343. We have actually got three different 4343's and I have tried to track down what the 4343 error is on this https://support2.microsoft.com/kb/316836/en-us?wa=wsignin1.0 Microsoft page, but of course my problem is not even on their list :-( I do however feel that the Nla service is somehow involved. I tried disabling it today just for data point collection and I had the same lock out issue.
I will give the anti virus a check that is an interesting point you have made there. As far as a fresh build I haven't had too much time to try a re-image at the current moment, but I do have a laptop in that had blue screened and has been waiting for just that. So maybe next week when I get in the office I will focus on trying to get that re-image finished quickly and test the problem there. - Jhogue 10 years ago