Hi All we are shifted our some office users to another location and now they are all login in to same domain which we setup in Head Office. i have to ensure that they are able to use the same domain for logging for another 3 months. is it possible they can loggin the same domain for another 3 months with out having physical connectivity with domain controller. pls advice if anyone knows the solution thanks in advance.

Without having physical connectivity with domain controller, your users will be unable to access your domain controller to logon. You can add additional domain controllers in the new offices so that your connectivity is down the additional domain controllers will be used for users logon. Remak: Your new additional domain controllers should be able to communicate with your Head office domain controllers for AD replication. This posting is provided "AS IS" with no warranties or guarantees , and confers no rights. Microsoft Student Partner Microsoft Certified Professional Microsoft Certified Systems Administrator: Security Microsoft Certified Systems Engineer: Security Microsoft Certified Technology Specialist: Windows Server 2008 Active Directory, Configuration Microsoft Certified Technology Specialist: Windows Server 2008 Network Infrastructure, Configuration

No its not at all possible 3 months that too without physical connectivity but for certain extent i would say yes as well depends how many time user logons to the machine conditions apply. You might be thinking how yes its possible through domain cached credentials http://portal.sivarajan.com/2010/11/cached-domain-credentials-and-registry.html http://4sysops.com/archives/cached-domain-logon/ Another way out out is make and additional domain controller on the Head Office and detach it from there bring it to the new office and seize the role tis was it can easily serve you prupose After detaching it from the Head office do a metadata cleanup at the Head office and never put the both DC's on the same network again http://www.virmansec.com/blogs/skhairuddin

No its not at all possible 3 months that too without physical connectivity but for certain extent i would say yes as well depends how many time user logons to the machine conditions apply. You might be thinking how yes its possible through domain cached credentials http://portal.sivarajan.com/2010/11/cached-domain-credentials-and-registry.html http://4sysops.com/archives/cached-domain-logon/ http://www.virmansec.com/blogs/skhairuddin

Hello Rejesh, I do not understand the point of keeping users out of domain for 3 months, long downtime from the resources usage. If your shifting your office, users should not feel the change. Many enterprise network they will disable the cached domain logons. Thanks

Hi Rajesh If the objective is to have the users logon to their machines for the next three months without the presence of a domain controlller but using their cached domain username and password.. then yes it is possible :) cached logon credentials do not expire! If you did not make any changes to the registry cachedLogonsCount then you should be okay default is 10 i think so that means caching is enabled and so your users can be away from the Domain for a long time (even longer than 3 months) but they will still be able to log on to their machines using their domain username and password and also domain name in the logon prompt. But they may not have access to certain resources and will not be able to change their passwords and all. What is going to happen after 3 months?? are these users going to go back to the old office?? If they are now going to be permanently based in this new office then i dont advise having them use cached credentials untill eternity you can try out the solution proposed by Mr. X about additional DC's :) tech-nique