how to cache credentials on Windows
I am a programmer and finance guy who is reluctantly in charge of IT, among any other more appropriate departments, at our eight person firm. I'm very new to IT, so please bear with me and assume I know very little.
We have a limited number of shared/vacation laptops that trade hands a lot. Despite my guidance, employees take off with a laptop that doesn't have their credentials cached so they can't login. (I try to get them to login before they head out!)
How can I cache all of the credentials to each of the traveling laptops? And is this wise? Suggestions welcome for alternative (free) solutions that solve this in a different way.
Laptop: Windows 7 without local admin rights,
Server: Windows 2008 R2
active-directory credentials windows-server
migrated from security.stackexchange.com Dec 22 '16 at 21:59
This question came from our site for information security professionals.
|
show 2 more comments
I am a programmer and finance guy who is reluctantly in charge of IT, among any other more appropriate departments, at our eight person firm. I'm very new to IT, so please bear with me and assume I know very little.
We have a limited number of shared/vacation laptops that trade hands a lot. Despite my guidance, employees take off with a laptop that doesn't have their credentials cached so they can't login. (I try to get them to login before they head out!)
How can I cache all of the credentials to each of the traveling laptops? And is this wise? Suggestions welcome for alternative (free) solutions that solve this in a different way.
Laptop: Windows 7 without local admin rights,
Server: Windows 2008 R2
active-directory credentials windows-server
migrated from security.stackexchange.com Dec 22 '16 at 21:59
This question came from our site for information security professionals.
1
Get them to login before walking away from the network with the laptop.
– schroeder
Dec 22 '16 at 21:59
schroeder - note "Despite my guidance" part of my question. I try! I added clarification on this in my question.
– mountainclimber
Dec 22 '16 at 22:02
Also, where should I post questions like this? I see you migrated my question.
– mountainclimber
Dec 22 '16 at 22:05
1
Noted, and I agree; however, that is a tough one when it is your CEO during the holidays who needs the help.
– mountainclimber
Dec 22 '16 at 22:07
1
How to configure or accomplish tasks in a particular OS tends to be more of a SuperUser-type question.
– schroeder
Dec 22 '16 at 22:07
|
show 2 more comments
I am a programmer and finance guy who is reluctantly in charge of IT, among any other more appropriate departments, at our eight person firm. I'm very new to IT, so please bear with me and assume I know very little.
We have a limited number of shared/vacation laptops that trade hands a lot. Despite my guidance, employees take off with a laptop that doesn't have their credentials cached so they can't login. (I try to get them to login before they head out!)
How can I cache all of the credentials to each of the traveling laptops? And is this wise? Suggestions welcome for alternative (free) solutions that solve this in a different way.
Laptop: Windows 7 without local admin rights,
Server: Windows 2008 R2
active-directory credentials windows-server
I am a programmer and finance guy who is reluctantly in charge of IT, among any other more appropriate departments, at our eight person firm. I'm very new to IT, so please bear with me and assume I know very little.
We have a limited number of shared/vacation laptops that trade hands a lot. Despite my guidance, employees take off with a laptop that doesn't have their credentials cached so they can't login. (I try to get them to login before they head out!)
How can I cache all of the credentials to each of the traveling laptops? And is this wise? Suggestions welcome for alternative (free) solutions that solve this in a different way.
Laptop: Windows 7 without local admin rights,
Server: Windows 2008 R2
active-directory credentials windows-server
active-directory credentials windows-server
edited Dec 22 '16 at 22:02
asked Dec 22 '16 at 21:53
mountainclimber
1396
1396
migrated from security.stackexchange.com Dec 22 '16 at 21:59
This question came from our site for information security professionals.
migrated from security.stackexchange.com Dec 22 '16 at 21:59
This question came from our site for information security professionals.
1
Get them to login before walking away from the network with the laptop.
– schroeder
Dec 22 '16 at 21:59
schroeder - note "Despite my guidance" part of my question. I try! I added clarification on this in my question.
– mountainclimber
Dec 22 '16 at 22:02
Also, where should I post questions like this? I see you migrated my question.
– mountainclimber
Dec 22 '16 at 22:05
1
Noted, and I agree; however, that is a tough one when it is your CEO during the holidays who needs the help.
– mountainclimber
Dec 22 '16 at 22:07
1
How to configure or accomplish tasks in a particular OS tends to be more of a SuperUser-type question.
– schroeder
Dec 22 '16 at 22:07
|
show 2 more comments
1
Get them to login before walking away from the network with the laptop.
– schroeder
Dec 22 '16 at 21:59
schroeder - note "Despite my guidance" part of my question. I try! I added clarification on this in my question.
– mountainclimber
Dec 22 '16 at 22:02
Also, where should I post questions like this? I see you migrated my question.
– mountainclimber
Dec 22 '16 at 22:05
1
Noted, and I agree; however, that is a tough one when it is your CEO during the holidays who needs the help.
– mountainclimber
Dec 22 '16 at 22:07
1
How to configure or accomplish tasks in a particular OS tends to be more of a SuperUser-type question.
– schroeder
Dec 22 '16 at 22:07
1
1
Get them to login before walking away from the network with the laptop.
– schroeder
Dec 22 '16 at 21:59
Get them to login before walking away from the network with the laptop.
– schroeder
Dec 22 '16 at 21:59
schroeder - note "Despite my guidance" part of my question. I try! I added clarification on this in my question.
– mountainclimber
Dec 22 '16 at 22:02
schroeder - note "Despite my guidance" part of my question. I try! I added clarification on this in my question.
– mountainclimber
Dec 22 '16 at 22:02
Also, where should I post questions like this? I see you migrated my question.
– mountainclimber
Dec 22 '16 at 22:05
Also, where should I post questions like this? I see you migrated my question.
– mountainclimber
Dec 22 '16 at 22:05
1
1
Noted, and I agree; however, that is a tough one when it is your CEO during the holidays who needs the help.
– mountainclimber
Dec 22 '16 at 22:07
Noted, and I agree; however, that is a tough one when it is your CEO during the holidays who needs the help.
– mountainclimber
Dec 22 '16 at 22:07
1
1
How to configure or accomplish tasks in a particular OS tends to be more of a SuperUser-type question.
– schroeder
Dec 22 '16 at 22:07
How to configure or accomplish tasks in a particular OS tends to be more of a SuperUser-type question.
– schroeder
Dec 22 '16 at 22:07
|
show 2 more comments
2 Answers
2
active
oldest
votes
The answer: No.
As Schroeder mentions in his comment, the way this is to be done is to require staff to log into the computer while it is still connected in the office.
There is a setting that can be configured in Group Policy that tells a computer how many credentials it can recall, which allows a staffmember or two or three to login to a computer in the office and then take the computer out of the office and still be able to log in, but even this has its limits.
The problem with what you're asking for is that you would essentially be asking the computer to retain a copy of authentication for all of the user accounts on a domain, and to ask for any updated information about this user accounts such as changed passwords or names or permissions, whenever it does change.
First this is impractical because the laptops would have to be connected to the domain anyways to get this information and why doesn't the borrowing user just log in before they leave anyway, and second it is highly insecure.
If a computer remembering one account's information leaves the office and is stolen, you reset the information on that one account. But if you have ALL of the information for ALL of the domain accounts on that laptop, you have trouble, spelled with a capital "T".
As part of your new role you also are the enforcer, and the rules have to be, both for the safety of the company information, and for your sanity, that staff MUST log into the computer BEFORE they leave the office or they are out of luck.
Their forgetting what they have been told is no reason for you to have to panic. They are not two year olds. They are adults who can understand and follow instructions. I assume.
UPDATE: Suggested Process & Magic Workaround
Suggested Process
Option 1: Keep all the loaner laptops secured in your office, at your tech desk, etc. When people come to check them out from you have them login to them before they leave. Bonus benefit: You know the laptop is working.
Option 2: Give the CEO a laptop of their own for their only computer. Then they're already logged in.
Magic Workaround
Don't just give this one away. Keep it for those times you really need a bacon saved or brownie points banked and use it only sparingly.
Set up a VPN connection of some sort, and then configure a VERY limited local account on all the laptops that ONLY connects to an available internet connection and triggers the VPN connection.
You can do this in such a way that not even the taskbar or desktop icons show up in this limited account
Once the VPN is connected have the remote user who could not be bothered to follow instructions press CTRL-ALT-DEL and select Change Password. In this dialog you can change passwords BESIDES the logged in account simply by entering the domainusername of the account you wish to cache. Once the user has changed the password for their own account on this computer, the accounts credentials will then be cached, and they'll be able to log in normally.
There's still a little punishment because they had to change their password, but that should hopefully serve as reminder to do things the right way next time.
add a comment |
Not debating on whether it is correct practice or not. But the only way to cache credentials in windows is using credentials manager. You can script using command line tool "cmdkey" like this :
cmdkey /add:server01 /user:mikedan /pass:Kleo
But this would not be advisable for security reasons, right?
– mountainclimber
Dec 23 '16 at 13:20
As i mentioned ... can't debate its correct and secure or not ... In my opinion security assessment requires more deeper exercise ... If you have compensatory control around cmdkey usage then its absolutely fine ... Credential manager of windows is secure in storing data ... you cannot retrieve the password, only use it to connect like file and printer sharing etc... security issue is only around who canshould use it
– amarnath chatterjee
Dec 24 '16 at 15:36
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "3"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1159425%2fhow-to-cache-credentials-on-windows%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
2 Answers
2
active
oldest
votes
2 Answers
2
active
oldest
votes
active
oldest
votes
active
oldest
votes
The answer: No.
As Schroeder mentions in his comment, the way this is to be done is to require staff to log into the computer while it is still connected in the office.
There is a setting that can be configured in Group Policy that tells a computer how many credentials it can recall, which allows a staffmember or two or three to login to a computer in the office and then take the computer out of the office and still be able to log in, but even this has its limits.
The problem with what you're asking for is that you would essentially be asking the computer to retain a copy of authentication for all of the user accounts on a domain, and to ask for any updated information about this user accounts such as changed passwords or names or permissions, whenever it does change.
First this is impractical because the laptops would have to be connected to the domain anyways to get this information and why doesn't the borrowing user just log in before they leave anyway, and second it is highly insecure.
If a computer remembering one account's information leaves the office and is stolen, you reset the information on that one account. But if you have ALL of the information for ALL of the domain accounts on that laptop, you have trouble, spelled with a capital "T".
As part of your new role you also are the enforcer, and the rules have to be, both for the safety of the company information, and for your sanity, that staff MUST log into the computer BEFORE they leave the office or they are out of luck.
Their forgetting what they have been told is no reason for you to have to panic. They are not two year olds. They are adults who can understand and follow instructions. I assume.
UPDATE: Suggested Process & Magic Workaround
Suggested Process
Option 1: Keep all the loaner laptops secured in your office, at your tech desk, etc. When people come to check them out from you have them login to them before they leave. Bonus benefit: You know the laptop is working.
Option 2: Give the CEO a laptop of their own for their only computer. Then they're already logged in.
Magic Workaround
Don't just give this one away. Keep it for those times you really need a bacon saved or brownie points banked and use it only sparingly.
Set up a VPN connection of some sort, and then configure a VERY limited local account on all the laptops that ONLY connects to an available internet connection and triggers the VPN connection.
You can do this in such a way that not even the taskbar or desktop icons show up in this limited account
Once the VPN is connected have the remote user who could not be bothered to follow instructions press CTRL-ALT-DEL and select Change Password. In this dialog you can change passwords BESIDES the logged in account simply by entering the domainusername of the account you wish to cache. Once the user has changed the password for their own account on this computer, the accounts credentials will then be cached, and they'll be able to log in normally.
There's still a little punishment because they had to change their password, but that should hopefully serve as reminder to do things the right way next time.
add a comment |
The answer: No.
As Schroeder mentions in his comment, the way this is to be done is to require staff to log into the computer while it is still connected in the office.
There is a setting that can be configured in Group Policy that tells a computer how many credentials it can recall, which allows a staffmember or two or three to login to a computer in the office and then take the computer out of the office and still be able to log in, but even this has its limits.
The problem with what you're asking for is that you would essentially be asking the computer to retain a copy of authentication for all of the user accounts on a domain, and to ask for any updated information about this user accounts such as changed passwords or names or permissions, whenever it does change.
First this is impractical because the laptops would have to be connected to the domain anyways to get this information and why doesn't the borrowing user just log in before they leave anyway, and second it is highly insecure.
If a computer remembering one account's information leaves the office and is stolen, you reset the information on that one account. But if you have ALL of the information for ALL of the domain accounts on that laptop, you have trouble, spelled with a capital "T".
As part of your new role you also are the enforcer, and the rules have to be, both for the safety of the company information, and for your sanity, that staff MUST log into the computer BEFORE they leave the office or they are out of luck.
Their forgetting what they have been told is no reason for you to have to panic. They are not two year olds. They are adults who can understand and follow instructions. I assume.
UPDATE: Suggested Process & Magic Workaround
Suggested Process
Option 1: Keep all the loaner laptops secured in your office, at your tech desk, etc. When people come to check them out from you have them login to them before they leave. Bonus benefit: You know the laptop is working.
Option 2: Give the CEO a laptop of their own for their only computer. Then they're already logged in.
Magic Workaround
Don't just give this one away. Keep it for those times you really need a bacon saved or brownie points banked and use it only sparingly.
Set up a VPN connection of some sort, and then configure a VERY limited local account on all the laptops that ONLY connects to an available internet connection and triggers the VPN connection.
You can do this in such a way that not even the taskbar or desktop icons show up in this limited account
Once the VPN is connected have the remote user who could not be bothered to follow instructions press CTRL-ALT-DEL and select Change Password. In this dialog you can change passwords BESIDES the logged in account simply by entering the domainusername of the account you wish to cache. Once the user has changed the password for their own account on this computer, the accounts credentials will then be cached, and they'll be able to log in normally.
There's still a little punishment because they had to change their password, but that should hopefully serve as reminder to do things the right way next time.
add a comment |
The answer: No.
As Schroeder mentions in his comment, the way this is to be done is to require staff to log into the computer while it is still connected in the office.
There is a setting that can be configured in Group Policy that tells a computer how many credentials it can recall, which allows a staffmember or two or three to login to a computer in the office and then take the computer out of the office and still be able to log in, but even this has its limits.
The problem with what you're asking for is that you would essentially be asking the computer to retain a copy of authentication for all of the user accounts on a domain, and to ask for any updated information about this user accounts such as changed passwords or names or permissions, whenever it does change.
First this is impractical because the laptops would have to be connected to the domain anyways to get this information and why doesn't the borrowing user just log in before they leave anyway, and second it is highly insecure.
If a computer remembering one account's information leaves the office and is stolen, you reset the information on that one account. But if you have ALL of the information for ALL of the domain accounts on that laptop, you have trouble, spelled with a capital "T".
As part of your new role you also are the enforcer, and the rules have to be, both for the safety of the company information, and for your sanity, that staff MUST log into the computer BEFORE they leave the office or they are out of luck.
Their forgetting what they have been told is no reason for you to have to panic. They are not two year olds. They are adults who can understand and follow instructions. I assume.
UPDATE: Suggested Process & Magic Workaround
Suggested Process
Option 1: Keep all the loaner laptops secured in your office, at your tech desk, etc. When people come to check them out from you have them login to them before they leave. Bonus benefit: You know the laptop is working.
Option 2: Give the CEO a laptop of their own for their only computer. Then they're already logged in.
Magic Workaround
Don't just give this one away. Keep it for those times you really need a bacon saved or brownie points banked and use it only sparingly.
Set up a VPN connection of some sort, and then configure a VERY limited local account on all the laptops that ONLY connects to an available internet connection and triggers the VPN connection.
You can do this in such a way that not even the taskbar or desktop icons show up in this limited account
Once the VPN is connected have the remote user who could not be bothered to follow instructions press CTRL-ALT-DEL and select Change Password. In this dialog you can change passwords BESIDES the logged in account simply by entering the domainusername of the account you wish to cache. Once the user has changed the password for their own account on this computer, the accounts credentials will then be cached, and they'll be able to log in normally.
There's still a little punishment because they had to change their password, but that should hopefully serve as reminder to do things the right way next time.
The answer: No.
As Schroeder mentions in his comment, the way this is to be done is to require staff to log into the computer while it is still connected in the office.
There is a setting that can be configured in Group Policy that tells a computer how many credentials it can recall, which allows a staffmember or two or three to login to a computer in the office and then take the computer out of the office and still be able to log in, but even this has its limits.
The problem with what you're asking for is that you would essentially be asking the computer to retain a copy of authentication for all of the user accounts on a domain, and to ask for any updated information about this user accounts such as changed passwords or names or permissions, whenever it does change.
First this is impractical because the laptops would have to be connected to the domain anyways to get this information and why doesn't the borrowing user just log in before they leave anyway, and second it is highly insecure.
If a computer remembering one account's information leaves the office and is stolen, you reset the information on that one account. But if you have ALL of the information for ALL of the domain accounts on that laptop, you have trouble, spelled with a capital "T".
As part of your new role you also are the enforcer, and the rules have to be, both for the safety of the company information, and for your sanity, that staff MUST log into the computer BEFORE they leave the office or they are out of luck.
Their forgetting what they have been told is no reason for you to have to panic. They are not two year olds. They are adults who can understand and follow instructions. I assume.
UPDATE: Suggested Process & Magic Workaround
Suggested Process
Option 1: Keep all the loaner laptops secured in your office, at your tech desk, etc. When people come to check them out from you have them login to them before they leave. Bonus benefit: You know the laptop is working.
Option 2: Give the CEO a laptop of their own for their only computer. Then they're already logged in.
Magic Workaround
Don't just give this one away. Keep it for those times you really need a bacon saved or brownie points banked and use it only sparingly.
Set up a VPN connection of some sort, and then configure a VERY limited local account on all the laptops that ONLY connects to an available internet connection and triggers the VPN connection.
You can do this in such a way that not even the taskbar or desktop icons show up in this limited account
Once the VPN is connected have the remote user who could not be bothered to follow instructions press CTRL-ALT-DEL and select Change Password. In this dialog you can change passwords BESIDES the logged in account simply by entering the domainusername of the account you wish to cache. Once the user has changed the password for their own account on this computer, the accounts credentials will then be cached, and they'll be able to log in normally.
There's still a little punishment because they had to change their password, but that should hopefully serve as reminder to do things the right way next time.
edited Dec 22 '16 at 22:16
answered Dec 22 '16 at 22:09
music2myear
30.6k85597
30.6k85597
add a comment |
add a comment |
Not debating on whether it is correct practice or not. But the only way to cache credentials in windows is using credentials manager. You can script using command line tool "cmdkey" like this :
cmdkey /add:server01 /user:mikedan /pass:Kleo
But this would not be advisable for security reasons, right?
– mountainclimber
Dec 23 '16 at 13:20
As i mentioned ... can't debate its correct and secure or not ... In my opinion security assessment requires more deeper exercise ... If you have compensatory control around cmdkey usage then its absolutely fine ... Credential manager of windows is secure in storing data ... you cannot retrieve the password, only use it to connect like file and printer sharing etc... security issue is only around who canshould use it
– amarnath chatterjee
Dec 24 '16 at 15:36
add a comment |
Not debating on whether it is correct practice or not. But the only way to cache credentials in windows is using credentials manager. You can script using command line tool "cmdkey" like this :
cmdkey /add:server01 /user:mikedan /pass:Kleo
But this would not be advisable for security reasons, right?
– mountainclimber
Dec 23 '16 at 13:20
As i mentioned ... can't debate its correct and secure or not ... In my opinion security assessment requires more deeper exercise ... If you have compensatory control around cmdkey usage then its absolutely fine ... Credential manager of windows is secure in storing data ... you cannot retrieve the password, only use it to connect like file and printer sharing etc... security issue is only around who canshould use it
– amarnath chatterjee
Dec 24 '16 at 15:36
add a comment |
Not debating on whether it is correct practice or not. But the only way to cache credentials in windows is using credentials manager. You can script using command line tool "cmdkey" like this :
cmdkey /add:server01 /user:mikedan /pass:Kleo
Not debating on whether it is correct practice or not. But the only way to cache credentials in windows is using credentials manager. You can script using command line tool "cmdkey" like this :
cmdkey /add:server01 /user:mikedan /pass:Kleo
answered Dec 23 '16 at 5:27
amarnath chatterjee
1011
1011
But this would not be advisable for security reasons, right?
– mountainclimber
Dec 23 '16 at 13:20
As i mentioned ... can't debate its correct and secure or not ... In my opinion security assessment requires more deeper exercise ... If you have compensatory control around cmdkey usage then its absolutely fine ... Credential manager of windows is secure in storing data ... you cannot retrieve the password, only use it to connect like file and printer sharing etc... security issue is only around who canshould use it
– amarnath chatterjee
Dec 24 '16 at 15:36
add a comment |
But this would not be advisable for security reasons, right?
– mountainclimber
Dec 23 '16 at 13:20
As i mentioned ... can't debate its correct and secure or not ... In my opinion security assessment requires more deeper exercise ... If you have compensatory control around cmdkey usage then its absolutely fine ... Credential manager of windows is secure in storing data ... you cannot retrieve the password, only use it to connect like file and printer sharing etc... security issue is only around who canshould use it
– amarnath chatterjee
Dec 24 '16 at 15:36
But this would not be advisable for security reasons, right?
– mountainclimber
Dec 23 '16 at 13:20
But this would not be advisable for security reasons, right?
– mountainclimber
Dec 23 '16 at 13:20
As i mentioned ... can't debate its correct and secure or not ... In my opinion security assessment requires more deeper exercise ... If you have compensatory control around cmdkey usage then its absolutely fine ... Credential manager of windows is secure in storing data ... you cannot retrieve the password, only use it to connect like file and printer sharing etc... security issue is only around who canshould use it
– amarnath chatterjee
Dec 24 '16 at 15:36
As i mentioned ... can't debate its correct and secure or not ... In my opinion security assessment requires more deeper exercise ... If you have compensatory control around cmdkey usage then its absolutely fine ... Credential manager of windows is secure in storing data ... you cannot retrieve the password, only use it to connect like file and printer sharing etc... security issue is only around who canshould use it
– amarnath chatterjee
Dec 24 '16 at 15:36
add a comment |
Thanks for contributing an answer to Super User!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Some of your past answers have not been well-received, and you're in danger of being blocked from answering.
Please pay close attention to the following guidance:
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1159425%2fhow-to-cache-credentials-on-windows%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
1
Get them to login before walking away from the network with the laptop.
– schroeder
Dec 22 '16 at 21:59
schroeder - note "Despite my guidance" part of my question. I try! I added clarification on this in my question.
– mountainclimber
Dec 22 '16 at 22:02
Also, where should I post questions like this? I see you migrated my question.
– mountainclimber
Dec 22 '16 at 22:05
1
Noted, and I agree; however, that is a tough one when it is your CEO during the holidays who needs the help.
– mountainclimber
Dec 22 '16 at 22:07
1
How to configure or accomplish tasks in a particular OS tends to be more of a SuperUser-type question.
– schroeder
Dec 22 '16 at 22:07