๐ Secure Bits ๐ก
๐๐ผ ๐๐ผ๐ ๐ฟ๐ฒ๐ฏ๐ผ๐ผ๐ ๐ฐ๐ผ๐บ๐ฝ๐๐๐ฒ๐ฟ๐ ๐ฎ๐ณ๐๐ฒ๐ฟ ๐ฐ๐ต๐ฎ๐ป๐ด๐ถ๐ป๐ด ๐๐ต๐ฒ๐ถ๐ฟ ๐๐ ๐ด๐ฟ๐ผ๐๐ฝ ๐บ๐ฒ๐บ๐ฏ๐ฒ๐ฟ๐๐ต๐ถ๐ฝ?
๐ You donโt have to.
When you add a computer account to a group (e.g., for GPO security filtering), the change doesnโt apply right away.
๐ช๐ต๐?
Because the computer still uses ๐๐ฒ๐ฟ๐ฏ๐ฒ๐ฟ๐ผ๐ ๐๐ถ๐ฐ๐ธ๐ฒ๐๐ that reflect old group memberships.
๐ ๐ผ๐๐ ๐ฎ๐ฑ๐บ๐ถ๐ป๐ ๐ท๐๐๐ ๐ฟ๐ฒ๐ฏ๐ผ๐ผ๐ โ but there’s a better way:
๐ ๐ข๐ป ๐๐ต๐ฒ ๐บ๐ฎ๐ฐ๐ต๐ถ๐ป๐ฒ, ๐ฟ๐๐ป:
klist purge โli 0x3e7
gpupdate /force
๐ง๐ต๐ถ๐ ๐ฐ๐น๐ฒ๐ฎ๐ฟ๐ ๐๐ต๐ฒ ๐ฐ๐ผ๐บ๐ฝ๐๐๐ฒ๐ฟ’๐ ๐๐ฒ๐ฟ๐ฏ๐ฒ๐ฟ๐ผ๐ ๐๐ถ๐ฐ๐ธ๐ฒ๐๐ and fetches new ones immediately โ no reboot needed.
Did you know about this trick?
