| Flavien |
| (Getting the hang of it) |
| 2005-11-25 05:47 PM |
|
Clean TokenCache when computer is renamed
|
I've spent the afternoon trying to find out why KiXtart did not think that I was in Administrators...
If InGroup("\\" + @WkSta + "\" + SidToName("S-1-5-32-544")) > 0
;User is admin
EndIf
Well, I renamed the computer earlier this week...
Workaround:
If InGroup("\\" + @WkSta + "\" + SidToName("S-1-5-32-544")) = 0
;User should be at least user...
DelTree("HKEY_CURRENT_USER\Software\KiXtart\TokenCache")
EndIf
My suggestion to Ruud is to include the computer name in the token cache. If it doesn't match the current @wksta, refresh the cache.
Richard H.
|
| (KiX Supporter) |
| 2005-11-28 02:52 PM |
|
Re: Clean TokenCache when computer is renamed
|
Where you are using roaming profiles this would mean that the cache may be removed when it needn't be - not a big issue where your users always use the same computer, but potentially a problem for example in the Citrix environment where your user may rarely log on to the same machine twice in a row.
Including the machine name in the registry path would avoid this problem, but would bloat your HKCU hive as each machine you log onto would create an independant cache.
| Flavien |
| (Getting the hang of it) |
| 2005-11-28 03:17 PM |
|
|
Re: Clean TokenCache when computer is renamed
|
That is a good point. Clearing the cache too soon would negate its effectiveness.
Maybe only the local SIDs should be refreshed (S-1-5-32-*) when the computer name changes? This would add only one entry in the registry (with the computer name used when doing the last enumeration).
| Kdyer |
| (KiX Supporter) |
| 2005-11-29 03:26 PM |
|
|
Re: Clean TokenCache when computer is renamed
|
Question - Wouldn't Microsoft's SysPrep take care of this as it has the option to re-generate the Computers SID anyway? That is what we use when we re-image a machine and it works pretty slick.
Kent
| Witto |
| (MM club member) |
| 2005-12-14 01:28 AM |
|
|
Re: Clean TokenCache when computer is renamed
|
Why sysprep a computer if the SID is unique? Just to clear a KiXtart TokenCache?
| Sealeopard |
| (KiX Master) |
| 2005-12-14 04:28 AM |
|
|
Re: Clean TokenCache when computer is renamed
|
If you SysPrep a computer the token cache will be empty anyway with regards to the local SIDs.