Delete Domain Cached Credentials When Not on a Domain

Is there anyway to delete the credentials of a cached domain account? The computer in question is unable to connect to the domain.

The local administrative account can log on, however the VPN client does not allow for launch before startup.

To clarify: this computer has two accounts: The local admin (localadmin) and user (userjon). Userjon is a domain created account. It was created when the computer was attached to our domain in house. It has since been shipped out to the field. The user has forgotten their password, and when they attempted to connect to the domain to reset it, somehow all the wires got crossed. Now it will not take the domain password (we reset it here within AD), nor will it take any of the five previous passwords that the user thinks they may have used.

Is there a way to clear out the cached password on the userjon account?

Edited to add: Would this even help to log on with the userjon account or is this a lost cause?
KIP HelpAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Joe RudSystems AdministratorCommented:
You can delete the cached credentials

To clear credentials:
Open the Local Security Policy on your computer (easiest way is from the Run box, type:  secpol.msc

From there, you want to navigate to:  Security Settings > Local Policies > Security Options.  Look for the policy, "Interactive logon: Number of previous logons to cache (in case domain controller is not available)"

Set this to "0 logons" to clear cached credentials.


That said, at that point, I don't see how your domain user would authenticate and log in, so I wouldn't do it.  You could try logging in as the local admin, then having your user log into VPN.  Then, once connected, accessing some resources where he would have to authenticate.  That should pull down and cache for you.
0
Joshua GrantomSenior Systems AdministratorCommented:
Here is a work around I've used in the past.

1. Have them logon to the local admin account and start the VPN session
2. Once the VPN is connected, go to Switch User and have them login.
3. Once they are in their account, restart the computer.
4. Their new credentials should be stored locally.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
KIP HelpAuthor Commented:
Unfortunately, the option for Switch User is grayed out and inaccessible when logged in as the local administrator account.
0
Cloud Class® Course: Amazon Web Services - Basic

Are you thinking about creating an Amazon Web Services account for your business? Not sure where to start? In this course you’ll get an overview of the history of AWS and take a tour of their user interface.

Joshua GrantomSenior Systems AdministratorCommented:
logging into local administrator, you can change that by opening gpedit.msc and following this

http://helpdeskgeek.com/windows-7/windows-7-switch-user-disabled-or-greyed-out/

You may have to restart and then login as local admin again. Then you should be able to switch users above
0
KIP HelpAuthor Commented:
This resolved the problem. Once I was able to switch user, I was able to log on the user with VPN already connected.
0
Joshua GrantomSenior Systems AdministratorCommented:
Glad to help
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Legacy OS

From novice to tech pro — start learning today.