Solved

Delete Domain Cached Credentials When Not on a Domain

Posted on 2014-10-23
6
227 Views
Last Modified: 2014-10-28
Is there anyway to delete the credentials of a cached domain account? The computer in question is unable to connect to the domain.

The local administrative account can log on, however the VPN client does not allow for launch before startup.

To clarify: this computer has two accounts: The local admin (localadmin) and user (userjon). Userjon is a domain created account. It was created when the computer was attached to our domain in house. It has since been shipped out to the field. The user has forgotten their password, and when they attempted to connect to the domain to reset it, somehow all the wires got crossed. Now it will not take the domain password (we reset it here within AD), nor will it take any of the five previous passwords that the user thinks they may have used.

Is there a way to clear out the cached password on the userjon account?

Edited to add: Would this even help to log on with the userjon account or is this a lost cause?
0
Comment
Question by:KIP Help
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 14

Expert Comment

by:Geisrud
ID: 40400364
You can delete the cached credentials

To clear credentials:
Open the Local Security Policy on your computer (easiest way is from the Run box, type:  secpol.msc

From there, you want to navigate to:  Security Settings > Local Policies > Security Options.  Look for the policy, "Interactive logon: Number of previous logons to cache (in case domain controller is not available)"

Set this to "0 logons" to clear cached credentials.


That said, at that point, I don't see how your domain user would authenticate and log in, so I wouldn't do it.  You could try logging in as the local admin, then having your user log into VPN.  Then, once connected, accessing some resources where he would have to authenticate.  That should pull down and cache for you.
0
 
LVL 16

Accepted Solution

by:
Joshua Grantom earned 500 total points
ID: 40400366
Here is a work around I've used in the past.

1. Have them logon to the local admin account and start the VPN session
2. Once the VPN is connected, go to Switch User and have them login.
3. Once they are in their account, restart the computer.
4. Their new credentials should be stored locally.
0
 

Author Comment

by:KIP Help
ID: 40400373
Unfortunately, the option for Switch User is grayed out and inaccessible when logged in as the local administrator account.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 16

Assisted Solution

by:Joshua Grantom
Joshua Grantom earned 500 total points
ID: 40400399
logging into local administrator, you can change that by opening gpedit.msc and following this

http://helpdeskgeek.com/windows-7/windows-7-switch-user-disabled-or-greyed-out/

You may have to restart and then login as local admin again. Then you should be able to switch users above
0
 

Author Closing Comment

by:KIP Help
ID: 40408477
This resolved the problem. Once I was able to switch user, I was able to log on the user with VPN already connected.
0
 
LVL 16

Expert Comment

by:Joshua Grantom
ID: 40408480
Glad to help
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

By default the complete memory dump option is disabled in windows . If we want to enable the complete memory dump for a diagnostic purpose, we have a solution for it. here we are using the registry method to enable this.
When you try to share a printer , you may receive one of the following error messages. Error message when you use the Add Printer Wizard to share a printer: Windows could not share your printer. Operation could not be completed (Error 0x000006…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question