|Sorry, I'll try and be a bit clearer.|
Normal circumstances we log onto the domain from XP workstation.
However, if I unplug the network cable, the machine will still log on to a domain user account. It creates a temporary local profile for the user.
I feel this is a security breach and want to prevent it. It can be done from the DC in Domain Security Policy. I have done it before but am really struggling to find it.