nuxx.net

SyncForegroundPolicy precludes ReportDC and ReportControllerMissing

In troubleshooting some Group Policy processing issues I attempted to set ReportDC(1) and ReportControllerMissing(2) to notify me, upon login, that a Windows machine was using Cached Credentials(3). After a brief period of confusion I found that turning off (or setting to 0) SyncForegroundPolicy, the registry key which holds the policy setting Always wait for the network at computer startup and logon, will preclude this the aforementioned notification. Thus when receiving the policy-based setting disabling SyncForegroundPolicy to ensure that the machine starts faster by not waiting for the network to come up before beginning policy processing, the diagnostic popup indicating the use of cached credentials does not work.

Note that the steps for setting the ReportDC and ReportControllerMissing values can be found in 242536 – User is not alerted when logging on with domain cached credentials.

(1) HKU\.DEFAULT\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\ReportDC, set to 1 (the default) to display the domain controller message.
(2) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\ReportControllerMissing, set to TRUE to display the message.
(3) HKLM\Software\Policies\Microsoft\Windows NT\CurrentVersion\Winlogon\SyncForegroundPolicy, set to 1 for enabled / wait for network. The opposite setting of 0 is disabled / don’t wait for network.

Exit mobile version