Solved

Delete Domain Cached Credentials When Not on a Domain

Posted on 2014-10-23
6
224 Views
Last Modified: 2014-10-28
Is there anyway to delete the credentials of a cached domain account? The computer in question is unable to connect to the domain.

The local administrative account can log on, however the VPN client does not allow for launch before startup.

To clarify: this computer has two accounts: The local admin (localadmin) and user (userjon). Userjon is a domain created account. It was created when the computer was attached to our domain in house. It has since been shipped out to the field. The user has forgotten their password, and when they attempted to connect to the domain to reset it, somehow all the wires got crossed. Now it will not take the domain password (we reset it here within AD), nor will it take any of the five previous passwords that the user thinks they may have used.

Is there a way to clear out the cached password on the userjon account?

Edited to add: Would this even help to log on with the userjon account or is this a lost cause?
0
Comment
Question by:KIP Help
  • 3
  • 2
6 Comments
 
LVL 14

Expert Comment

by:Geisrud
ID: 40400364
You can delete the cached credentials

To clear credentials:
Open the Local Security Policy on your computer (easiest way is from the Run box, type:  secpol.msc

From there, you want to navigate to:  Security Settings > Local Policies > Security Options.  Look for the policy, "Interactive logon: Number of previous logons to cache (in case domain controller is not available)"

Set this to "0 logons" to clear cached credentials.


That said, at that point, I don't see how your domain user would authenticate and log in, so I wouldn't do it.  You could try logging in as the local admin, then having your user log into VPN.  Then, once connected, accessing some resources where he would have to authenticate.  That should pull down and cache for you.
0
 
LVL 16

Accepted Solution

by:
Joshua Grantom earned 500 total points
ID: 40400366
Here is a work around I've used in the past.

1. Have them logon to the local admin account and start the VPN session
2. Once the VPN is connected, go to Switch User and have them login.
3. Once they are in their account, restart the computer.
4. Their new credentials should be stored locally.
0
 

Author Comment

by:KIP Help
ID: 40400373
Unfortunately, the option for Switch User is grayed out and inaccessible when logged in as the local administrator account.
0
Connect further...control easier

With the ATEN CE624, you can now enjoy a high-quality visual experience powered by HDBaseT technology and the convenience of a single Cat6 cable to transmit uncompressed video with zero latency and multi-streaming for dual-view applications where remote access is required.

 
LVL 16

Assisted Solution

by:Joshua Grantom
Joshua Grantom earned 500 total points
ID: 40400399
logging into local administrator, you can change that by opening gpedit.msc and following this

http://helpdeskgeek.com/windows-7/windows-7-switch-user-disabled-or-greyed-out/

You may have to restart and then login as local admin again. Then you should be able to switch users above
0
 

Author Closing Comment

by:KIP Help
ID: 40408477
This resolved the problem. Once I was able to switch user, I was able to log on the user with VPN already connected.
0
 
LVL 16

Expert Comment

by:Joshua Grantom
ID: 40408480
Glad to help
0

Featured Post

U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you need to start windows update installation remotely or as a scheduled task you will find this very helpful.
How to record audio from input sources to your PC – connected devices, connected preamp to record vinyl discs, streaming media, that play through your audio card: Vista, Windows 7, Windows 8, Windows 8.1 and Windows 10 – both 32 bit & 64.
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

837 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question