|
Posted by Miha Pihler [MVP] on July 30, 2005, 11:58 am
Please log in for more thread options
Hi Keith,
The cached credentials are stored in Registry under HKLM\Security\Cache. To
actually see the Cache Key you will have to change permissions on Security
part of the registry (give Administrator appropriate permissions).
After you change the policy for cached credentials from 10 to e.g. 0 you
will see NL$1 to NL$10 disappear.
--
Mike
Microsoft MVP - Windows Security
> Where is the user's password cached when you have a GPO setting on
> Interactive logon: Number of previous logons to cache (in case domain
> controller is not available)? Is it store in LSASS secrets?
>
> If we set our server to not store local cache of user's password what
> application or other things will break? I u nderstand that if you turn
> that
> off and there is no domain controller available that you will be unable to
> logon to that server in that domain...But what other hidden gotchas are
> out
> there that I might not be thinking of?
>
| 
XML Sitemap