Hi.
I am running a project where sites are equipped with Windows 2003 servers running an application. The environment is very much locked down. Application logon via a web page uses single sign on. Users are logging onto their desktops with domain users rather than local ones.
The problem we have is that these sites are very prone to extended WAN outages. During such outages, we need users to be able to log onto the server using RDC in order to run the application that way and continue working. There is an option for users to go to the server room and log on directly to the console but this poses a security risk.
We have proven that the users credentials can be cached on the server and so during such a WAN outage they are able to log on directly to the server using their domain based credentials. However, when they try to do this using RDC, it does not work as it appears that the domain is trying to be resolved first and this fails due to the lack of WAN.
Therefore, we are looking for a solution whereby users can log on to the server remotely using their normal credentials when the WAN is down. As mentioned, the set up is under strict rules and we are not allowed to create a local user on the server.
Any tips/hints/ideas would be greatly appreciated!
Rob.