How to programmatically clear the Kerberos ticket cache
Question
Does anyone know how to clear out the Kerberos ticket cache on the local computer - using managed \\ unmanaegd code?
Thanks in advance!
4 answers
solution1
5 ACCPTED 2010-02-16 04:51:23
I believe you need to do a call to LsaCallAuthenticationPackage using KERB_PURGE_TKT_CACHE_REQUEST after using either LsaConnectUntrusted or LsaRegisterLogonProcess . Sorry no specifics, but I don't have my code for this around...
solution2
2 2010-03-23 09:38:31
最简单的方法是获取Microsoft的KList的源代码(包含在平台SDK \\ Samples中),并像他们一样...
solution3
2 2014-09-14 16:07:13
There is a "managed C#" example of purging kerberos tickets using pInvoke at https://github.com/ErtiEelmaa/StackOverflow/blob/master/GroupPolicyUtilities.cs
Way too long to copy/paste here. It took some time since structures in pInvoke were invalid(eg someone though C++ LONG is equal to C# LONG and yada-yada), however, I've tested this one, and it worked for me.
Also, I noticed that the Windows server 2003 klist.c has few bugs in PurgeTicket:
- it does not clean up the response
- it double-checks the same "RESULT", instead of checking "RESULT" and then "SUB-RESULT"
solution4
0 2010-02-15 16:32:25
The simple, stupid way:
system("kdestroy");
Or if you want to be more legit, just check out the source of a kdestroy implementation. krb5_cc_destroy() seems to be the relevant function call.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.