iNc0g
asked on
Automated way to delete cached credentials on MS Servers 2003/2008
Hi,
I've recently disabled the option to store cached credentials via GPO, also set the amount of records of cached credentials to "0" but this did not clear the already existing records which can be seen under "control userpasswords2" > advanced .
I am looking for a way to clear all existing cached records for 2008/2003 servers inside our domain.
Thanks.
I've recently disabled the option to store cached credentials via GPO, also set the amount of records of cached credentials to "0" but this did not clear the already existing records which can be seen under "control userpasswords2" > advanced .
I am looking for a way to clear all existing cached records for 2008/2003 servers inside our domain.
Thanks.
ASKER
What? how does purging the dns server cache would clean up the cached credentials under Windows Vault ?
besides, Dnscmd is not a recognized command under Server 2008.
besides, Dnscmd is not a recognized command under Server 2008.
Hi, Pls refer EE document.
https://www.experts-exchange.com/OS/Microsoft_Operating_Systems/A_448-How-to-DELETE-Windows-Local-Domain-Cached-Credentials.html
On Server2008, try using "schtasks.exe" - this will schedule the task
https://www.experts-exchange.com/OS/Microsoft_Operating_Systems/A_448-How-to-DELETE-Windows-Local-Domain-Cached-Credentials.html
On Server2008, try using "schtasks.exe" - this will schedule the task
ASKER
I came across that document already and it did not help me as there are no keys under:
HKEY_LOCAL_MACHINE\SECURIT Y\CACHE
in the server, but when I open the "control userpasswords2" > Advanced > Manage Passwords, I do see a cached domain user credentials.
HKEY_LOCAL_MACHINE\SECURIT
in the server, but when I open the "control userpasswords2" > Advanced > Manage Passwords, I do see a cached domain user credentials.
On server 2008 and higher, we have a command line utility to solve this with a script.
cmdkey.exe
However not on 2003 server. And wildcards are not possible, so you would need to provide a list of what should be deleted.
cmdkey.exe
However not on 2003 server. And wildcards are not possible, so you would need to provide a list of what should be deleted.
ASKER
so if I have 20+ win2k8 servers I would like to clear the cached passwords from, what script could help me achieve that ?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
At the command prompt, run the following command:
Dnscmd /ClearCache
This applies to 2003 and 2008.