How to Remove Cached Domain Admin Credentials Effectively?

Asked By TechieTurtle87 On

I recently implemented LAPS in our environment, but I'm concerned about previously entered domain admin credentials that have been cached on workstations. I'm considering adding domain admin accounts to the "Protected Users" group to stop further caching. Is that the right move? Also, what's the best method to remove the cached credentials that are already stored?

3 Answers

Answered By LastMinuteMaverick On

Also worth noting, by adding your domain admin accounts to the "Protected Users" group, you can help prevent future credential caching. Just be sure to double-check that all systems can handle it, as this might change how those accounts can be used on certain devices.

Answered By CuriousCoder32 On

You could simply change the passwords for the domain admin accounts to invalidate any cached credentials. Just keep in mind that if someone is still logged in with the old credentials and their machine gets reconnected to the network, they could still access resources. So, it’s a good idea to take additional steps on the endpoints for tighter security.

Answered By WiseOldOwl99 On

If you're focusing on endpoint protection, you can use specific commands to clear out cached credentials. For instance, the command: `reg delete HKEY_LOCAL_MACHINE\SECURITY\CACHE /va /f` will wipe out all cached credentials from the system. This is often used when shutting down machines after remote terminations to ensure no credentials are lingering.
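An added example, not from any of the posts above: a PowerShell check that lists Domain Admins accounts not yet in "Protected Users" and reports how many cached logons the local workstation is configured to keep. It assumes the ActiveDirectory module (RSAT) is installed and that the groups carry their default English names; the function names are hypothetical.

```powershell
#Requires -Modules ActiveDirectory
# Added example. Group names are the default English names (assumption);
# function names are hypothetical and not part of any module.

function Get-UnprotectedDomainAdmin {
    param(
        [string]$AdminGroup     = 'Domain Admins',
        [string]$ProtectedGroup = 'Protected Users'
    )
    # Direct members of Protected Users, keyed by distinguished name.
    $protected = @(Get-ADGroupMember -Identity $ProtectedGroup |
        Select-Object -ExpandProperty distinguishedName)

    # User accounts holding the admin group directly or through nesting
    # that are not direct members of the protected group.
    Get-ADGroupMember -Identity $AdminGroup -Recursive |
        Where-Object {
            $_.objectClass -eq 'user' -and
            $protected -notcontains $_.distinguishedName
        } |
        Select-Object SamAccountName, distinguishedName
}

function Get-CachedLogonLimit {
    # CachedLogonsCount is stored as a string (REG_SZ).
    # The documented default is 10 when the value is absent.
    $key   = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'
    $entry = Get-ItemProperty -Path $key -Name CachedLogonsCount -ErrorAction SilentlyContinue
    if ($null -eq $entry) { 10 } else { [int]$entry.CachedLogonsCount }
}

# One summary object per workstation the script is run on.
[pscustomobject]@{
    Computer          = $env:COMPUTERNAME
    CachedLogonLimit  = Get-CachedLogonLimit
    UnprotectedAdmins = (@(Get-UnprotectedDomainAdmin).SamAccountName -join ', ')
}
```

An empty `UnprotectedAdmins` field means every Domain Admins user account is a direct member of the protected group.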
