• Renan Antonio Rodrigues

How to update Active Directory computer membership without rebooting Windows

Updated: Mar 30, 2019

If you want to update an Active Directory computer membership without rebooting the Server, this post shows how to do that in a very easy way.


The Challenge


In the WSUS project, I was in charge of last months in my work, I had to create and apply several policies to Servers and the most of them were critical for business, and a reboot would require manager approval and downtime for the application. So how could I apply the needed changes without rebooting the Operating System or don't need to wait around 9 hours to have the Kerberos tickets expired?


The Resolution


1 - Open the prompt as administrator and execute the following command:


klist -li 0x3e7 purge


2 - Next, execute the command - gpupdate /target:computer /force


The first command will delete all Kerberos tickets cache and force the system to get new ones with an updated group membership information. The second one is to force the group policy changes only for computers accounts.


For any doubts or suggestions, please leave a comment below.

Follow me

© 2023 by Nicola Rider.
Proudly created with
Wix.com
 

  • Branca Ícone LinkedIn