Archived from groups: microsoft.public.win2000.active_directory (More info?)
Ok, with the help I recieved from before, I've started disabling computer
objects identified with the dsquery -stalepwd switch. If I dont get any
complaints from users who cant use there systems for a week, I then go in
and delete the disabled objects. Well, I was testing today and may have
found a snag in my plan. I disabled a computer of mine, rebooted it, and
logged on. I was sucessful, I was then able to authenticate to the other
resorces on the network. I know this is because of cached credentials(set at
2 users on my machines), but how long will they last on a machine? My fear
is, I disable a notebook, it comes back on my network, the user sees no
difference because he's using a cached login, a week later I completly
delete the computer from my OU and my scans and numbers are off.
any ideas?
Ok, with the help I recieved from before, I've started disabling computer
objects identified with the dsquery -stalepwd switch. If I dont get any
complaints from users who cant use there systems for a week, I then go in
and delete the disabled objects. Well, I was testing today and may have
found a snag in my plan. I disabled a computer of mine, rebooted it, and
logged on. I was sucessful, I was then able to authenticate to the other
resorces on the network. I know this is because of cached credentials(set at
2 users on my machines), but how long will they last on a machine? My fear
is, I disable a notebook, it comes back on my network, the user sees no
difference because he's using a cached login, a week later I completly
delete the computer from my OU and my scans and numbers are off.
any ideas?