LOGbinder Blog

Updates, Tips and News   RSS Feed  

«  How to analyze where even... | Least Privilege Workaroun... »

Kerbpurge - Group memebership without a reboot

Sat, 01 Jun 2019 11:30:18 GMT

KerbPurge - What is it?

When you add a computer to a group in Active Directory, the computer does not know that it has been added to the group until a reboot happens. There are many obvious reasons why this is a problem. For example, you can't just reboot production servers at any time. Most organizations have some sort process in place for scheduling server reboots which in itself can be a time consuming process. When it comes to Windows Event Collection there are many reasons for adding endpoint forwarders to groups, especially if you are using Supercharger. For example, Superchargers builtin load balanced or distributed subscription feature rely's on group changes to keep forwarders balanced across the number of specified collectors. This is why Randy Franklin Smith of UltimateITSecurity.com designed and wrote KerbPurge.

Benefits and Features

  • Safely and efficiently make Windows computers see group membership changes
  • Tiny Windows service
  • Installable via Group Policy's Software Installation feature
  • Only purges tickets for the Network Service logon session and only when group membership has been changed for a computer
  • No measurable resource usage

Installation and Configuration

To install and configure Kerbpurge visit our knowledgebase for the step-by-step guide.

    Comments disabled

    powered by Bloget™