off-boarding remote user with cache domain credentials

Javier Caporal
edited January 24 in Request
I am looking for a procedure that will, behind the scene and unknown to the user, cleared the cache domain credentials on the computer and logs them off so that the terminated user cannot log back on to the computer.
This would apply to users who have a domain joined machine but work off site.
Tagged:
0
0 votes

Shipped · Last Updated

solution provided by Jonathan Haase

0
0 votes

Needs Review · Last Updated

Comments

  • Jonathan Haase
    edited April 2019

    IN theory this should be pretty straightforward.  Cached Credentials are located in the registry under a key with the System user has rights to... according to the article here: it's as simple as clearing out the binary values to "0".  

    https://www.mysysadmintips.com/windows/clients/6-clear-cached-credentials

    Then doing the logout.  I haven't tested but it should be something like this:

    setRegistryValue("HKEY_LOCAL_MACHINE\Security\Cache\NL$1", "0","REG_BINARY", "All Operating Systems", "Halt on Fail")

    setRegistryValue("HKEY_LOCAL_MACHINE\Security\Cache\NL$2", "0","REG_BINARY", "All Operating Systems", "Halt on Fail")

    setRegistryValue("HKEY_LOCAL_MACHINE\Security\Cache\NL$3", "0","REG_BINARY", "All Operating Systems", "Halt on Fail")

    setRegistryValue("HKEY_LOCAL_MACHINE\Security\Cache\NL$4", "0","REG_BINARY", "All Operating Systems", "Halt on Fail")

    setRegistryValue("HKEY_LOCAL_MACHINE\Security\Cache\NL$5", "0","REG_BINARY", "All Operating Systems", "Halt on Fail")

    setRegistryValue("HKEY_LOCAL_MACHINE\Security\Cache\NL$6", "0","REG_BINARY", "All Operating Systems", "Halt on Fail")

    setRegistryValue("HKEY_LOCAL_MACHINE\Security\Cache\NL$7", "0","REG_BINARY", "All Operating Systems", "Halt on Fail")

    setRegistryValue("HKEY_LOCAL_MACHINE\Security\Cache\NL$8", "0","REG_BINARY", "All Operating Systems", "Halt on Fail")

    setRegistryValue("HKEY_LOCAL_MACHINE\Security\Cache\NL$9", "0","REG_BINARY", "All Operating Systems", "Halt on Fail")

    setRegistryValue("HKEY_LOCAL_MACHINE\Security\Cache\NL$10", "0","REG_BINARY", "All Operating Systems", "Halt on Fail")

    LogoffCurrentUser(" ", "All Operating Systems", "Halt on Fail")





  • Trevor Okazaki
    Trevor Okazaki Member CHOCOLATE MILK
    edited February 2020

    use 00 for the value instead of 0 and use a reboot instead of logoffcurrentuser and it'll work no problem.

This discussion has been closed.