How to refresh current user privilege without relogin

Archived from groups: microsoft.public.win2000.security (More info?)

Hi,
I grant current win2k user a different group, normally, I've to
logoff and login again to make new group work for the current user.
Is there any command or tools that let me without relogin and refresh
current user privilige in current win2k session?

thanks
4 answers Last reply
More about refresh current user privilege relogin
  1. Archived from groups: microsoft.public.win2000.security (More info?)

    The user token is built as a part of the login processing.
    There is as far as I know no alternative but building a new
    token via a login.

    --
    Roger Abell
    Microsoft MVP (Windows Security)
    MCSE (W2k3,W2k,Nt4) MCDBA
    "PanYB" <panyb@hotmail.com> wrote in message
    news:1103076594.202129.8420@z14g2000cwz.googlegroups.com...
    > Hi,
    > I grant current win2k user a different group, normally, I've to
    > logoff and login again to make new group work for the current user.
    > Is there any command or tools that let me without relogin and refresh
    > current user privilige in current win2k session?
    >
    > thanks
    >
  2. Archived from groups: microsoft.public.win2000.security (More info?)

    Yes.
    Assuming you are running AD, you can use Klist or Kerbtray on the
    workstation, to purge the users kerbereos tickets. It will rebuild the
    token when you next access a network resource. Not all apps are friendly to
    manually purging kerb tickets.

    Your best bet is to follow the logoff and back on procedure.


    --
    Glenn L
    CCNA, MCSE 2000/2003 + Security

    "Roger Abell" <mvpNOSpam@asu.edu> wrote in message
    news:e1Amc8k4EHA.824@TK2MSFTNGP11.phx.gbl...
    > The user token is built as a part of the login processing.
    > There is as far as I know no alternative but building a new
    > token via a login.
    >
    > --
    > Roger Abell
    > Microsoft MVP (Windows Security)
    > MCSE (W2k3,W2k,Nt4) MCDBA
    > "PanYB" <panyb@hotmail.com> wrote in message
    > news:1103076594.202129.8420@z14g2000cwz.googlegroups.com...
    >> Hi,
    >> I grant current win2k user a different group, normally, I've to
    >> logoff and login again to make new group work for the current user.
    >> Is there any command or tools that let me without relogin and refresh
    >> current user privilige in current win2k session?
    >>
    >> thanks
    >>
    >
    >
  3. Archived from groups: microsoft.public.win2000.security (More info?)

    Glenn

    but that would not clear the local token right? AFAIK the token will only be
    rebuilt on remote computers.

    --
    marco [alla] neovalens [punto] com

    [ www.neovalens.com ]
    ----


    "Glenn L" <the.only(delete)@gmail dot com> wrote in message
    news:e1zzumm4EHA.2196@TK2MSFTNGP14.phx.gbl...
    > Yes.
    > Assuming you are running AD, you can use Klist or Kerbtray on the
    > workstation, to purge the users kerbereos tickets. It will rebuild the
    > token when you next access a network resource. Not all apps are friendly
    > to manually purging kerb tickets.
    >
    > Your best bet is to follow the logoff and back on procedure.
    >
    >
    > --
    > Glenn L
    > CCNA, MCSE 2000/2003 + Security
    >
    > "Roger Abell" <mvpNOSpam@asu.edu> wrote in message
    > news:e1Amc8k4EHA.824@TK2MSFTNGP11.phx.gbl...
    >> The user token is built as a part of the login processing.
    >> There is as far as I know no alternative but building a new
    >> token via a login.
    >>
    >> --
    >> Roger Abell
    >> Microsoft MVP (Windows Security)
    >> MCSE (W2k3,W2k,Nt4) MCDBA
    >> "PanYB" <panyb@hotmail.com> wrote in message
    >> news:1103076594.202129.8420@z14g2000cwz.googlegroups.com...
    >>> Hi,
    >>> I grant current win2k user a different group, normally, I've to
    >>> logoff and login again to make new group work for the current user.
    >>> Is there any command or tools that let me without relogin and refresh
    >>> current user privilige in current win2k session?
    >>>
    >>> thanks
    >>>
    >>
    >>
    >
    >
  4. Archived from groups: microsoft.public.win2000.security (More info?)

    Hi

    why would you want to do something like that to begin with? Can you explain
    us what you are trying to acheive by adding a group on the fly?

    --
    marco [alla] neovalens [punto] com

    [ www.neovalens.com ]
    ----


    "PanYB" <panyb@hotmail.com> wrote in message
    news:1103076594.202129.8420@z14g2000cwz.googlegroups.com...
    > Hi,
    > I grant current win2k user a different group, normally, I've to
    > logoff and login again to make new group work for the current user.
    > Is there any command or tools that let me without relogin and refresh
    > current user privilige in current win2k session?
    >
    > thanks
    >
Ask a new question

Read More

Microsoft Command Prompt Windows