I have a small remote network running 6 pc's (all of which have been connected to the domain at one time or another) that connect via T1 through vpn to our corporate office. 4 of the pc's (all xp) were moved from another remote location that was onced connected via frame to our domain, so needless to say these 4 computers are on the domain and have been authenticated. The problem I now have is the other 2 pc's ( 1 XP, 1 2000) have user's who have never authenticated to the domain. This of course led to printer and file sharing problems. 4 of the pc's can log into the domain no problem, the other two (still workgroup because new users on these machines will not authenticate to domain) cannot. I thought I solved the printer sharing issue by adding all the user's that log into the domain to the machines that are on the workgroup. The problem is that there is a domain group policy that forces the computer to lock when it is idle for more than 15 minutes. This creates a printing problem when the 4 that are on the domain try to print to either of the pc's on the workgroup, if the workgroup machine is locked, the print job hangs until someone goes and hits ctl alt del sequence and logs in, once the workgroup machines are logged in there is no issue, but the operators of the workgroup are not always available to keep their machines unlocked. I know I can probably disable on the local side the lock out security policy but not sure which policy enforces this behavior and also I have read some scary things happening to machines that have joined a domain with this local policy not enabled, it will flat lock up a machine and there seems to be no way back onto the local or domain side. Any help or consideration will be greatly appreciated.
July 10, 2008 6:10 PM
July 10, 2008 8:07 PM