Display information about previous logons during user logon

26 Feb

In an ongoing attempt to increase user security and awareness, this GPO went a little overlooked by myself but could serve as a very useful feature, at the very least to increase all users’ security awareness.

Applying this to a test OU initially seemed OK. That was up until I entered an incorrect password and then the correct one and realized I wasn’t able to log in, as it displayed: “Security policies on this computer are set to display information about the last interactive logon. Windows could not retrieve this information. Please contact your network administrator for assistance.”

The trick here is to apply this policy setting first on your DCs. Let that propagate, and then roll it out to client machines.

This policy setting controls whether or not the system displays information about previous logons and logon failures to the user.

For local user accounts and domain user accounts in domains of at least a Windows Server 2008 functional level, if you enable this setting, a message appears after the user logs on that displays the date and time of the last successful logon by that user, the date and time of the last unsuccessful logon attempted with that user name, and the number of unsuccessful logons since the last successful logon by that user. This message must be acknowledged by the user before the user is presented with the Microsoft Windows desktop.

For domain user accounts in Windows Server 2003, Windows 2000 native, or Windows 2000 mixed functional level domains, if you enable this setting, a warning message will appear that Windows could not retrieve the information and the user will not be able to log on. Therefore, you should not enable this policy setting if the domain is not at the Windows Server 2008 domain functional level.

If you disable or do not configure this setting, messages about the previous logon or logon failures are not displayed.
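
A pre-flight check for the rollout order and the functional-level requirement described above, as an added example that is not part of the original post. It assumes the RSAT ActiveDirectory module and PowerShell remoting to every DC; the registry value it reads (`DisplayLastLogonInfo` under the `Policies\System` key) does not appear on this page and is where this example expects the setting to land.

```powershell
# Added example: confirm it is safe to link the GPO to client OUs.
# Assumes the ActiveDirectory module and WinRM access to all domain controllers.
Import-Module ActiveDirectory

# Registry location this example expects the policy to write (not from the post).
$PolicyKey  = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
$PolicyName = 'DisplayLastLogonInfo'

# 1. The domain must be at Windows Server 2008 functional level or higher;
#    below that, domain users with the setting enabled cannot log on.
$legacyModes = 'Windows2000Domain', 'Windows2003InterimDomain', 'Windows2003Domain'
$mode    = (Get-ADDomain).DomainMode.ToString()
$levelOk = $mode -notin $legacyModes

# 2. Every DC must already have the setting before clients receive it.
$dcStatus = foreach ($dc in Get-ADDomainController -Filter *) {
    try {
        $value = Invoke-Command -ComputerName $dc.HostName -ErrorAction Stop -ScriptBlock {
            param($Key, $Name)
            (Get-ItemProperty -Path $Key -Name $Name -ErrorAction SilentlyContinue).$Name
        } -ArgumentList $PolicyKey, $PolicyName
        [pscustomobject]@{ DC = $dc.HostName; Enabled = ($value -eq 1); Error = $null }
    }
    catch {
        # An unreachable DC counts as "not ready": a client may authenticate against it.
        [pscustomobject]@{ DC = $dc.HostName; Enabled = $false; Error = $_.Exception.Message }
    }
}

$dcStatus | Format-Table -AutoSize
$notReady = @($dcStatus | Where-Object { -not $_.Enabled })

if (-not $levelOk) {
    Write-Warning "Domain functional level is $mode. Do not enable the setting."
}
elseif ($notReady.Count -gt 0) {
    Write-Warning "$($notReady.Count) DC(s) do not have the setting yet. Hold the client rollout."
}
else {
    Write-Output "Functional level $mode and all DCs report the setting. Clients can receive the GPO."
}
```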