Monthly Archives: December 2016

Re-evaluate group membership without reboot or logoff

At my office we have a custom tool for creating project folders and assigning users access rights to these folders. As best practice the access rights to these folders are managed through a project specific group that users become member of. Downside is that you need to logoff and logon again to re-evaluate your group memberships to get the actual access.

Today I found out about a small tool called klist. It is an Microsoft tool for managing the Kerberos ticket cache and appears to be present by default on Windows. (At least on my Windows 10 Pro)
With the purge argument all tickets of the current logon session can be deleted forcing Windows to logon again and re-evaluate group membership.

klist purge

More information from Microsoft about klist on Technet.