Solved

Script for removing Stored Passwords

Posted on 2011-09-06
14
1,335 Views
Last Modified: 2012-08-26
Hi Expert Exchange,
 
Is there a way to remove stored passwords with a script because our users are restricted and we are having AD lockouts.


This would be a great help.
0
Comment
Question by:DoveSupport
  • 4
  • 3
  • 3
  • +4
14 Comments
 
LVL 57

Expert Comment

by:Mike Kline
ID: 36489241
No script that I know of but others may chime in.  What are they having issues with.  Have you thought about adjusting your password policy if it is causing that much pain to the users?

Thanks


Mike
0
 
LVL 26

Expert Comment

by:pony10us
ID: 36489361
What is causing the lockout? If it is a when they are at the initial log in to the network then it should inform them that they need to change the password at that time. If that is the stored password then it will change what is stored as well.

IMHO: It is poor practice to store passwords in any case. It sort of defeats the purpose of having a password in the first place.
0
 
LVL 27

Expert Comment

by:Lukasz Chmielewski
ID: 36489377
0
 
LVL 1

Author Comment

by:DoveSupport
ID: 36489838
The user is getting locked out when logging on and using 3rd party software.
The stored passwords are a problem related to the proxy server, file share and Unix share's.
The problem is the password is stored but are not open to the user for when they put there username in it doesn't automatically add the password but windows dose keep a copy and that could be creating conflict.

Many Thanks
0
 
LVL 66

Accepted Solution

by:
johnb6767 earned 250 total points
ID: 36490141
I'm wondering if you disable the ability for the OS to store them, if it would still present ones still cached?

Disable Password Caching
http://www.pctools.com/guides/registry/detail/124/
0
 
LVL 65

Expert Comment

by:RobSampson
ID: 36492659
Have you tried CmdKey?
http://technet.microsoft.com/en-us/library/cc754243(WS.10).aspx

First run
cmdkey /list

and see if the problematic resources show up.  If so, I think that's your problem.  We've had sync issues with our Proxy because they set IE to remember their passwords too.

Regards,

Rob.
0
 
LVL 1

Author Closing Comment

by:DoveSupport
ID: 36501390
Many Thanks
0
How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

 

Expert Comment

by:raju_r7655
ID: 38319768
Hi ,

  I am a new user , could anyone help me with a script , which can clear the stored passwords in multiple systems, when included in logon script. Thanks in advance..

Regards ,
Raju
0
 
LVL 65

Expert Comment

by:RobSampson
ID: 38320066
Hi, in a batch login script, you should be able to run
cmdkey /delete:*

to delete all stored passwords.

Rob.
0
 

Expert Comment

by:raju_r7655
ID: 38324584
Rob ,

Thanks for your response , If i want to push one script to all machines in the network , ( I can do that), i need the script which would delete all passwords stored in ms credential. however , will try you option too. Thanks a ton for reply
0
 
LVL 65

Expert Comment

by:RobSampson
ID: 38327345
Sure.  Play around with the cmdkey options.  Type cmkey /? and go through some syntaxes.  If you only want to delete ms* credentials, use
cmdkey /delete:ms*

Rob.
0
 

Expert Comment

by:raju_r7655
ID: 38328115
Thanks ROB..
0
 
LVL 1

Author Comment

by:DoveSupport
ID: 38329176
I love the way our original ticket was hijacked for another !
0
 

Expert Comment

by:raju_r7655
ID: 38335544
My apology to the whole community , I didnt know , i had to create new ticket. I found another interresting command vaultcmd to read the password , thanks all..

Regards ,
Raju
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Suggested Solutions

This script will sweep a range of IP addresses (class c only, 255.255.255.0) and report to a log the version of office installed. What it does: 1.)      Creates log file in the directory the script is run from (if it doesn't already exist) 2.)      Sweep…
Over the years I have built up my own little library of code snippets that I refer to when programming or writing a script.  Many of these have come from the web or adaptations from snippets I find on the Web.  Periodically I add to them when I come…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

25 Experts available now in Live!

Get 1:1 Help Now