[Samba] How to disable password caching in windows client

Yu Liao liaoyu17 at gmail.com
Tue Jul 19 21:10:07 MDT 2011 

Hi,

I think this parameter is related windows login. Can't solve my question.

I set security=user in samba server.
I run \\10.200.114.88\share, then there is a windows ask for user/pwd.
Next time, I run \\10.200.114.88\share, there is no windows ask for user/pwd.
I want there always ask for user/pwd, when I access the share.

--snip--
Interactive logon: Number of previous logons to cache (in case domain
controller is not available)

Description

Determines the number of users who can have cached credentials on the computer.

All previous users' logon information is cached locally so that, in
the event that a domain controller is unavailable during subsequent
logon attempts, they are able to log on . If a domain controller is
unavailable and a user's logon information is cached, the user is
prompted with a message that reads as follows:

Windows cannot connect to a server to confirm your logon settings. You
have been logged on using previously stored account information. If
you changed your account information since you last logged on to this
computer, those changes will not be reflected in this session.

If a domain controller is unavailable and a user's logon information
is not cached, the user is prompted with this message:

The system cannot log you on now because the domain <DOMAIN_NAME> is
not available.

In this policy setting, a value of 0 disables logon caching. Any value
above 50 only caches 50 logon attempts.

Default: 10
--end--

2011/7/19 Gaiseric Vandal <gaiseric.vandal at gmail.com>
>
> On 07/19/2011 06:38 AM, Yu Liao wrote:
>>
>> Hi,
>>
>> I want to input user name and password every time I access the share, so I
>> want to disable password caching in windows client. I google to find there
>> is a way to modify the windows registry. But it does not work on windows
>> 2003. Is there another way to disable password caching in winXP, win7, 2003
>> and 2008?
>>
>> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Network\DisablePwdCaching
>> = 1
>>
>> HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Network\DisablePwdCaching
>> = 1
>>
>>
>>
> If you run gpedit.msc or secpol.msc
>     Security Settings - > Local Policies -> Security Option-> Interactive Logons: Number of Previous Logons to cache:
>    Default value  is 10.
>    If you change it to 0 it should NOT cache any logons.  That is the theory-  I haven't tested it tho.
>
> There should be a corresponding registry entry.
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba


--
Best Regards.
Yu Liao

More information about the samba mailing list