When a new user is added to a group in Windows, the user may not be able to immediately access application and network resources available to that group because the group's security token has not updated for the user. The Windows domain controller assigns security tokens to group members based on the users listed in the domain server's group membership cache. By default, the group membership cache is updated every eight hours. Rebooting the user's computer will force the domain controller to update the user's security token, but the security token can also be updated without a reboot by manually updating the group membership cache on the domain server.
- Skill level:
Other People Are Reading
Things you need
- Windows-based PC
- Access to the Windows domain controller
- Administrator access privileges
Log into the domain controller that the user lacking the proper security token is logged on to.
Open the Windows Run utility. Click the Windows "Start" button and then click "Run."
Open the Windows command prompt. In the Run window type "cmd" and then click "OK."
Open the Microsoft LDP Support Tool. Type "ldp" at the command prompt and press "Enter."
Open connections. Click "Connections" in the LDP application window and then click "connect." The LDP "Servers" box will appear.
Specify the server to be modified. Type the name of the domain server that maintains the group membership cache and click "OK."
Select "Bind" from the connections menu in the LDP application window. The "User" box will appear.
Enter administrator account and password credentials. Type "Administrator" in the "User" box. Type the administrator password into the "Password" box. Click "OK" to continue.
Open the "Browse" menu. Click on "Browse" in the LDP application window and click "Modify" from the displayed menu. The "Attribute" window will appear.
Specify task to modify. Type "updatecachedmemberships" in the Attribute window and type "1" into the "Value" box. The LDP application window returns to the forefront.
Update cache memberships. Click the "Extended" check box in the LDP application window and then click "Run." The cached group memberships will update and assign an updated security token to all group members without the need to reboot the domain controller or user's computer.
- 20 of the funniest online reviews ever
- 14 Biggest lies people tell in online dating sites
- Hilarious things Google thinks you're trying to search for