Updating computer's AD Security Group membership without rebooting

I found the following to be very useful -

From the elevated command prompt execute “klist –li 0x3e7” to view the logon session of the computer account. To purge them, simply execute “klist –li 0x3e7 purge”.

A typical use case might involve targeting GPOs based on computer's group membership. When you add computer to the group in order to test the application of policies you can reboot it or, alternatively, run the above mentioned to clear logon sessions, then do “gpupdate /force” and check.

In a spirit of giving credit where credit is due, I found a few references to this, but the one I learned it from was http://setspn.blogspot.com/2010/10/updating-servers-security-group.html


  1. CE A good blog always comes-up with new and exciting information and while reading I have feel that this blog is really have all those quality that qualify a blog to be a one.

  2. Browse the list of coating agent in food additives online With so many books and articles coming up to give gateway to make-money-online field and confusing reader even more on the actual way of earning money,

  3. CBD Isolate Wholesale Your amazing insightful information entails much to me and especially to my peers. Thanks a ton; from all of us.

  4. dog leash Superbly written article, if only all bloggers offered the same content as you, the internet would be a far better place..


Post a Comment

Popular posts from this blog

PoSh Disable and Move AD Users

Skype for Business and VTC Interoperability

Mail-enabled security groups in Office 365