Trying to understand Fas Logon Optimization
JockVSJock
Member Posts: 1,118
I'm not really sure how this works.
Description of the Windows XP Professional Fast Logon Optimization feature
This term keeps coming up, 'cached credentials.' Not sure what this means from an XP point of view.
Does this get applied during the start up script or the login script?
Also it talks about the 'network to be fully initialized.' Not sure what this means either...
thanks
Description of the Windows XP Professional Fast Logon Optimization feature
As a result, Windows XP does not wait for the network to be fully initialized at startup and logon. Existing users are logged on using cached credentials.
This term keeps coming up, 'cached credentials.' Not sure what this means from an XP point of view.
Does this get applied during the start up script or the login script?
Also it talks about the 'network to be fully initialized.' Not sure what this means either...
thanks
***Freedom of Speech, Just Watch What You Say*** Example, Beware of CompTIA Certs (Deleted From Google Cached)
"Its easier to deceive the masses then to convince the masses that they have been deceived."
-unknown
"Its easier to deceive the masses then to convince the masses that they have been deceived."
-unknown
Comments
-
undomiel Member Posts: 2,818Cached credentials are basically that the user has logged into that machine before and the machine has stuck the password info into its cache. This means that the next time the user tries to log in and a domain controller is not available, such as when the network has not been fully initialized or is completely down, then the logon can be facilitated by the cached password info.
The network not being fully initialized is referring to the entire network stack. The system has to bring up the network driver, bring up TCP/IP, get itself an IP address, locate a domain controller, and more. Check your system event log sometime after a reboot and you'll find entries referring to the network being initialized. This is important to remember when taking cached logons and group policy processing into consideration.
For a bit of reading: Cached credentials security in Windows Server 2003, in Windows XP, and in Windows 2000Jumping on the IT blogging band wagon -- http://www.jefferyland.com/ -
Hyper-Me Banned Posts: 2,059udomiel is very right.
This is an important thing to consider when configuring the policy "Wait for network before allowing logon"
Essentially barring anyone from logging on cached, and forcing users to be authenticated everytime.