?
Solved

Script for removing Stored Passwords

Posted on 2011-09-06
14
Medium Priority
?
1,791 Views
Last Modified: 2012-08-26
Hi Expert Exchange,
 
Is there a way to remove stored passwords with a script because our users are restricted and we are having AD lockouts.


This would be a great help.
0
Comment
Question by:DoveSupport
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 3
  • +4
14 Comments
 
LVL 57

Expert Comment

by:Mike Kline
ID: 36489241
No script that I know of but others may chime in.  What are they having issues with.  Have you thought about adjusting your password policy if it is causing that much pain to the users?

Thanks


Mike
0
 
LVL 26

Expert Comment

by:pony10us
ID: 36489361
What is causing the lockout? If it is a when they are at the initial log in to the network then it should inform them that they need to change the password at that time. If that is the stored password then it will change what is stored as well.

IMHO: It is poor practice to store passwords in any case. It sort of defeats the purpose of having a password in the first place.
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
LVL 1

Author Comment

by:DoveSupport
ID: 36489838
The user is getting locked out when logging on and using 3rd party software.
The stored passwords are a problem related to the proxy server, file share and Unix share's.
The problem is the password is stored but are not open to the user for when they put there username in it doesn't automatically add the password but windows dose keep a copy and that could be creating conflict.

Many Thanks
0
 
LVL 66

Accepted Solution

by:
johnb6767 earned 1000 total points
ID: 36490141
I'm wondering if you disable the ability for the OS to store them, if it would still present ones still cached?

Disable Password Caching
http://www.pctools.com/guides/registry/detail/124/
0
 
LVL 65

Expert Comment

by:RobSampson
ID: 36492659
Have you tried CmdKey?
http://technet.microsoft.com/en-us/library/cc754243(WS.10).aspx

First run
cmdkey /list

and see if the problematic resources show up.  If so, I think that's your problem.  We've had sync issues with our Proxy because they set IE to remember their passwords too.

Regards,

Rob.
0
 
LVL 1

Author Closing Comment

by:DoveSupport
ID: 36501390
Many Thanks
0
 

Expert Comment

by:raju_r7655
ID: 38319768
Hi ,

  I am a new user , could anyone help me with a script , which can clear the stored passwords in multiple systems, when included in logon script. Thanks in advance..

Regards ,
Raju
0
 
LVL 65

Expert Comment

by:RobSampson
ID: 38320066
Hi, in a batch login script, you should be able to run
cmdkey /delete:*

to delete all stored passwords.

Rob.
0
 

Expert Comment

by:raju_r7655
ID: 38324584
Rob ,

Thanks for your response , If i want to push one script to all machines in the network , ( I can do that), i need the script which would delete all passwords stored in ms credential. however , will try you option too. Thanks a ton for reply
0
 
LVL 65

Expert Comment

by:RobSampson
ID: 38327345
Sure.  Play around with the cmdkey options.  Type cmkey /? and go through some syntaxes.  If you only want to delete ms* credentials, use
cmdkey /delete:ms*

Rob.
0
 

Expert Comment

by:raju_r7655
ID: 38328115
Thanks ROB..
0
 
LVL 1

Author Comment

by:DoveSupport
ID: 38329176
I love the way our original ticket was hijacked for another !
0
 

Expert Comment

by:raju_r7655
ID: 38335544
My apology to the whole community , I didnt know , i had to create new ticket. I found another interresting command vaultcmd to read the password , thanks all..

Regards ,
Raju
0

Featured Post

Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…
Suggested Courses

801 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question