Date: 2014-05-17  Views: 20813

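When network connectivity is limited, the computer can still log on to the domain with a username and password and get into the system. Why is that?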


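------Solution--------------------
After a domain user has logged on once, the system caches the user's information; regardless of whether the network is connected, as long as network authentication can be performed, the user can log on.
In "Safe Mode" a domain user cannot log on, but choosing "Safe Mode with Networking" allows logon.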
------Solution--------------------
By default, Windows 2000, XP and 2003 systems in a domain or Active Directory tree cache the passwords and credentials of previously logged in users. This is done so that the users can still log in again if the Domain Controller or ADS tree cannot be reached, either because of Controller failure or network problems. These cached passwords are stored as hashes in the local system's registry at the values HKEY_LOCAL_MACHINE\SECURITY\CACHE\NL$1 through NL$10. Unless the ACL is changed, these values require SYSTEM level privileges to access (you can set it so an admin account can read them, but you would still want to use a tool to parse out the data).
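------Solution--------------------
It is because of caching.
Open Local Policy, Computer Configuration - Windows Settings - Security Settings - Local Policies - Security - Interactive logon: number of previous...................... The default is 10; change it to 0 and that will do it.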
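
An added example, not part of the original answers: a PowerShell audit of the cached-logon setting the answers above describe, with an optional setter. It assumes the policy is backed by the REG_SZ value `CachedLogonsCount` under the Winlogon key; the function names are hypothetical.

```powershell
# Audit (and optionally set) the number of cached domain logons.
# Assumption: the policy is stored as REG_SZ "CachedLogonsCount" under Winlogon.
$WinlogonKey = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'

function Get-CachedLogonPolicy {
    $item = Get-ItemProperty -Path $WinlogonKey -Name CachedLogonsCount -ErrorAction SilentlyContinue
    $raw  = if ($item) { $item.CachedLogonsCount } else { $null }
    $count = 0
    if ($null -eq $raw) {
        # Value absent: Windows falls back to the default of 10 mentioned above.
        $count = 10; $source = 'default (value not set)'
    } elseif ([int]::TryParse([string]$raw, [ref]$count)) {
        $source = 'registry'
    } else {
        throw "CachedLogonsCount holds a non-numeric value: '$raw'"
    }
    [pscustomobject]@{
        Computer       = $env:COMPUTERNAME
        DomainJoined   = (Get-CimInstance -ClassName Win32_ComputerSystem).PartOfDomain
        CachedLogons   = $count
        Source         = $source
        OfflineLogonOk = ($count -gt 0)   # 0 means no logon without a reachable DC
    }
}

function Set-CachedLogonPolicy {
    # Requires an elevated session; a domain Group Policy can overwrite the value.
    param([Parameter(Mandatory)][ValidateRange(0, 50)][int]$Count)
    Set-ItemProperty -Path $WinlogonKey -Name CachedLogonsCount -Value ([string]$Count) -Type String
    Get-CachedLogonPolicy
}

# Report the current state and flag machines that keep cached verifiers on disk.
$policy = Get-CachedLogonPolicy
$policy | Format-List
if ($policy.DomainJoined -and $policy.CachedLogons -gt 0) {
    Write-Warning ("Up to {0} domain logons are cached locally; anyone with SYSTEM access " +
                   "to this machine can read the cached hashes." -f $policy.CachedLogons)
}
```

Setting the count to 0 with `Set-CachedLogonPolicy -Count 0` removes offline logon for domain users, so laptops that leave the network usually need a small non-zero value instead.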