Previous Logon Information
Overview
This setting enables users to determine whether their accounts were used (or were attempted to be used) without their knowledge. When this policy is enabled and the Windows Vista–based computer is joined to a Windows Server 2008 functional-level domain, the following information is displayed after a successful interactive logon:
- Date and time of the last successful logon by that user
- Date and time of the last unsuccessful logon attempt with the same user name
- The number of failed logon attempts since the last successful logon with the same user name
Note
The source of this information is the Active Directory database or Security Accounts Manager (SAM) of the computer providing the information. For local accounts, this information is always up to date. However, in domain environments, domain controllers depend on replication, so the information might not be up to date.
Configuration
To enable this feature, use the Local Group Policy Editor to navigate to Local Computer Policy\Computer Configuration\Administrative Templates\Windows Components\Windows Logon Options, and enable Display Information about previous logons during user logon. Additional information is available on the Explain Text tab for this setting.
Warning
If this policy is enabled and the Windows Vista–based computer is not joined to a Windows Server 2008 functional-level domain, a warning message will appear stating that the information could not be retrieved and the user will not be able to log on. Do not enable this policy setting unless the Windows Vista–based computer is joined to a Windows Server 2008 functional-level domain.
Security considerations
User training that accompanies the deployment of Windows Vista should include information about how to use this information and what to do if the information does not represent the user's actions.