Navigation-Menus (Do Not Edit Here!)

Friday, August 19, 2011

How to clear user credentials cached at the Domain level


I ran in to a Problem with client PC running windows Xp where this one user who just simply cannot login to this system, using the Domain Credentials. i did some googling about domain level credential cashing and landed on a very informative article over at expert exchange

the cashed credentials are located in the following Registry location

“HKEY_LOCAL_MACHINE\SECURITY\CACHE”














By Default Windows allows you to cache 10 user credentials so there will be a total of 10 entries starting from NL$1 to NL$10. any new credentials will over write the oldest NL$ entry.

but be ware if you delete these NL$ entries it will disable the credential caching functionality in windows. so if it is a laptop, there will be an issue with using the PC out of the office network. to avoid this
Simply edit the “Value Data” in each NL$ entry and replace the data with ’0′ (ZERO). This will clear all the existing cached credentials.

uhh and one more thing i was not able to find this “HLM\SECURITY\CACHE” key in windows 7. i will update this post when i find some info on it