Solved

Script for removing Stored Passwords

Posted on 2011-09-06
14
1,372 Views
Last Modified: 2012-08-26
Hi Expert Exchange,
 
Is there a way to remove stored passwords with a script because our users are restricted and we are having AD lockouts.


This would be a great help.
0
Comment
Question by:DoveSupport
  • 4
  • 3
  • 3
  • +4
14 Comments
 
LVL 57

Expert Comment

by:Mike Kline
ID: 36489241
No script that I know of but others may chime in.  What are they having issues with.  Have you thought about adjusting your password policy if it is causing that much pain to the users?

Thanks


Mike
0
 
LVL 26

Expert Comment

by:pony10us
ID: 36489361
What is causing the lockout? If it is a when they are at the initial log in to the network then it should inform them that they need to change the password at that time. If that is the stored password then it will change what is stored as well.

IMHO: It is poor practice to store passwords in any case. It sort of defeats the purpose of having a password in the first place.
0
 
LVL 27

Expert Comment

by:Lukasz Chmielewski
ID: 36489377
0
 
LVL 1

Author Comment

by:DoveSupport
ID: 36489838
The user is getting locked out when logging on and using 3rd party software.
The stored passwords are a problem related to the proxy server, file share and Unix share's.
The problem is the password is stored but are not open to the user for when they put there username in it doesn't automatically add the password but windows dose keep a copy and that could be creating conflict.

Many Thanks
0
 
LVL 66

Accepted Solution

by:
johnb6767 earned 250 total points
ID: 36490141
I'm wondering if you disable the ability for the OS to store them, if it would still present ones still cached?

Disable Password Caching
http://www.pctools.com/guides/registry/detail/124/
0
 
LVL 65

Expert Comment

by:RobSampson
ID: 36492659
Have you tried CmdKey?
http://technet.microsoft.com/en-us/library/cc754243(WS.10).aspx

First run
cmdkey /list

and see if the problematic resources show up.  If so, I think that's your problem.  We've had sync issues with our Proxy because they set IE to remember their passwords too.

Regards,

Rob.
0
 
LVL 1

Author Closing Comment

by:DoveSupport
ID: 36501390
Many Thanks
0
Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

 

Expert Comment

by:raju_r7655
ID: 38319768
Hi ,

  I am a new user , could anyone help me with a script , which can clear the stored passwords in multiple systems, when included in logon script. Thanks in advance..

Regards ,
Raju
0
 
LVL 65

Expert Comment

by:RobSampson
ID: 38320066
Hi, in a batch login script, you should be able to run
cmdkey /delete:*

to delete all stored passwords.

Rob.
0
 

Expert Comment

by:raju_r7655
ID: 38324584
Rob ,

Thanks for your response , If i want to push one script to all machines in the network , ( I can do that), i need the script which would delete all passwords stored in ms credential. however , will try you option too. Thanks a ton for reply
0
 
LVL 65

Expert Comment

by:RobSampson
ID: 38327345
Sure.  Play around with the cmdkey options.  Type cmkey /? and go through some syntaxes.  If you only want to delete ms* credentials, use
cmdkey /delete:ms*

Rob.
0
 

Expert Comment

by:raju_r7655
ID: 38328115
Thanks ROB..
0
 
LVL 1

Author Comment

by:DoveSupport
ID: 38329176
I love the way our original ticket was hijacked for another !
0
 

Expert Comment

by:raju_r7655
ID: 38335544
My apology to the whole community , I didnt know , i had to create new ticket. I found another interresting command vaultcmd to read the password , thanks all..

Regards ,
Raju
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Resolve DNS query failed errors for Exchange
Is your Office 365 signature not working the way you want it to? Are signature updates taking up too much of your time? Let's run through the most common problems that an IT administrator can encounter when dealing with Office 365 email signatures.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

919 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now