Preventing a Domain Computer from Logging off Causes loss of Authentication

I have a set a domain computer to not require a password on wakeup. This is a strange situation I know but we want the user to never have to login to the computer unless he specifically logs out or restarts the computer.

This itself works, however when the user returns to the computer the next day and is still logged in, the computer seems to have lost its authentication with the server and when attempting to open the shared drives and folders the user is asked for a username and password. Aside from entering the credentials which we don't want him to have to do, the only thing that fixes is it is a restart.

Is the session expiring on the server or something, how can we fix this?


Solution 1:

You probably are running into the default Kerberos user ticket expiration time - which is 10 hours by default. Technically, if you really need the authentication to never expire, you might set the expiration time for user tickets to 0 (turning off expiration):

enter image description here

Note that this is a domain-wide setting with severe security implications. Anybody who has acquired a valid Kerberos user ticket will be able to hold it indefinitely and use it as a valid authenticator. You really should know what you are doing here.