[gptalk] Re: Disable saving of cached Credentials

  • From: "Mathieu CHATEAU" <gollum123@xxxxxxx>
  • To: <gptalk@xxxxxxxxxxxxx>
  • Date: Mon, 25 Aug 2008 20:33:27 +0200



You can use this key :


By default, the last 10 accounts are cached.

èTake care, if your DC are unavailable or unreachable (remote site), users
won?t be able to logon.


Cached domain logon information



This can be set through GPO of course :

Computer \ Security settings\ Local policies \ Security Options

Interactive logon: Number of previous logons to cache (in case domain
controller is not available)







french blog:  <http://www.lotp.fr/> http://www.lotp.fr

english blog:  <http://lordoftheping.blogspot.com/>


De : gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx] De la
part de Asaf Efrati
Envoyé : lundi 25 août 2008 17:46
À : gptalk@xxxxxxxxxxxxx
Objet : [gptalk] Disable saving of cached Credentials


Hey everyone,


I have a two question for you guys, I tried looking for a solution but got
incomplete answers.


1.       Is there a way to deny access to the AT command for local admins?
(is that even that big of a deal? I am guessing it is)

2.       I am experiencing a problem I already discussed before but I am
looking for maybe something more globally,

When I use a UNC path from a users computer to access resources using admin
credentials those credentials are saved

For the current session, is there a way to ensure those credentials will not
be saved?

Mind you I don?t want to have to delete the local cache or mess with regedit


Thank you,


Asaf Efrati | IT & Security | eToro

A 32 Habarzel St. Tel Aviv 69710, Israel

T +9723 7686716 ext. 3076

M +972 545671587

F +9723 7686712

W www.eToro.com 


If you have received this email message in error, please notify the sender
immediately by telephone or return email and refrain from taking any action
relating to the content of the email. 

Thereafter, please destroy the original message without making a copy. You
may not use the content of the email without first obtaining prior written
consent from the sender. 

You may not forward this email to anyone other than the sender for
notification purposes. 


JPEG image

Other related posts: