Use this forum to post questions relating to WinGate, feature requests, technical or configuration problems
Mar 31 15 9:54 pm
Hello!
I'm creating Access Rule, which denied access for users not in specific domain group.
When I'm adding user to this group - he gain access. But if I then delete it from group, access not rejected. I think, it's cached.
How I can refresh cache?
p.s. sorry for my english.
Apr 13 15 1:02 pm
Hi
group membership in windows in an Active Directory is cached by windows.
Normally group membership is evaluated once when the user logs into windows, and a user token is created which contains the SID of every group the user is a member of. This token is cached for the duration of the windows session (e.g. while the user is logged into windows). This is done because in a large AD with many groups, evaluation of group membership can be very expensive - too expensive to do every time group membership is needed for security checking.
I think there are ways to clear the cache, but I think they are command line commands in the windows client, or requiring them to log out of windows then back in again.
Regards
Adrien de Croy
Powered by phpBB © phpBB Group.
phpBB Mobile / SEO by Artodia.