Re: Remove a cached credential

From: "JN" <me@xxxxxxxx>
Date: Wed, 6 Aug 2008 17:37:15 -0400

Never mind. I found out how to do it without having to mess with GPOs.

I got the idea from another work around that I saw for gaining access to the
system under the system account.

1. use AT to run CMD.EXE one minute from now (12:00) as follows:
at 12:01 /interactive cmd.exe

2. This will open a command windows at 12:01.

3. CTRL +ALT + DEL and kill explorer.exe process.

4. from the command window type explorer.exe and you will be running as the
SYSTEM account.

5. Open Regedit and go to HKLM\Security\Cache and export the keys to a .reg
file.

6. Edit the REG file so all the keys that look like NL$1 - 10 are padded
with 00

I would have rathered find the right key for the credentials I wanted to
delete, but this just clears them all for sure. Now you just need to logout
and log back in again and just the accounts you use from that point on start
the cache again.

"JN" <me@xxxxxxxx> wrote in message
news:ucJENi%239IHA.1200@xxxxxxxxxxxxxxxxxxxxxxx

I have an odd problem. I recently had to change my user's naming
convensions from just their name to first initials + last name. I did this
pretty easily by just changing the users logon names in AD so all their
SIDs stayed the same and I also updated their profile and home directory
names (%USERNAME%) to reflect the new logon name.

I have a problem with some laptop users where they occasionally make the
mistake of using their old username when they are not on the network.
When they are on the network it is fine because they get denied logon
because of the non-existing name on the domain but when they are at home,
the laptop allows them to logon with the old name and that ends up
screwing up some things in their user profile until they get back into the
building for me to fix.

I know I can disable caching logons, but I don't want to do that for
obvious reasons for the laptop users. Is there a way I can just gut on
the one old logon name from the cache?

References:
- Remove a cached credential
  - From: JN

Prev by Date: Re: SP3 is NOT accumulative !!
Next by Date: Re: Unable to install XP Pro - BlueScreen!
Previous by thread: Remove a cached credential
Next by thread: Can't Get Display to Go to Sleep
Index(es):
- Date
- Thread

Relevant Pages

Access Denied - Where is it coming from?
... Security Log with error 534, logon failure due to user not being granted ... I noticed that it was the SYSTEM account being denied!!!!! ... Network logon using the Kerberos Logon Process. ...
(microsoft.public.win2000.security)
Re: file access problem
... We have some bluesocket machines which control the laptop logon. ... > other options, like SMS, Altiris, WSH, or even manual install. ... Laptop users, if they dialup or use a VPN ...
(microsoft.public.scripting.jscript)
Remove a cached credential
... I have an odd problem. ... pretty easily by just changing the users logon names in AD so all their SIDs ... I have a problem with some laptop users where they occasionally make the ... mistake of using their old username when they are not on the network. ...
(microsoft.public.windowsxp.general)
Re: Logon Server Unavailable
... There are currently no logon servers available to service ... You use a office laptop to connect the office VPN, when you map a network ... you may receive this message: "This account is the ... The server is not configured for transactions"> "A domain controller for your domain could not be contacted" ...
(microsoft.public.windows.server.general)
Re: Logon Server Unavailable
... There are currently no logon servers available to service ... You use a office laptop to connect the office VPN, when you map a network ... you may receive this message: "This account is the ... The server is not configured for transactions"> "A domain controller for your domain could not be contacted" ...
(microsoft.public.windows.server.dns)