The default behavior in Windows when connecting to a domain is to cache the domain credentials locally so that they can be used to login even when the domain isn’t available. You can set this value to 0 in order to disable logons to the computer while not connected to the domain.
Note that this will only work for computers that are configured to login to a domain, not for Home editions.
Disable Cached Logons
Open up regedit.exe through the start menu search or run box, and then navigate down to the following key:
On the right-hand pane you’ll see a key called cachedlogonscount, which you can change to 0 in order to disable logging in when not connected to the domain.
This should work on either Vista or XP.
Programmer by day, geek by night, The Geek, also known as Lowell Heddings, spends all his free time bringing you fresh geekery on a daily basis. You can follow him on Google+ if you'd like.
- Published 01/12/08