You will not be able to logon on
Unless you have valid "Local" logon credentials on the
machine that you are sitting at.
Your User account information(ACL,access token)
resides in the SAM on the domain controller back in the
domain you left.
Now when you attempt to logon to the "Local" computer you
are asking the "Local" SAM to authenticate your logon
request using domain credentials. You need a "Local" user
account to logon locally and Administrative credentials in
the Doamin to join a computer to the Domain.
When logging on you are presented with the option to logon
to Domain(s): or logon to computername:
When you choose to logon to the Domain you use its SAM.
When you choose to logon to computername: with the
computer already joined to a domain you are logged on
using Domain credentials that have been cached on
the "Local" computer. This is the only time that you can
use the same username and password for Domain or "Local"
logons. (the reason is that if a domain controller becomes
unavaliable users will still be able to logon to the local
machine using cached credentials.)
Essentailly When you supply a Domain Name in Network
Identification all Domain logon requests are sent to a
domain controller, as stated above you can also logon
locally using cached credential(stores the last 10
successful logons.)
When you supply a Workgroup name in Network Identification
the request looks at the "Local" SAM and never at a domain
controller.
Kevin Matiuk
MCSE
