Skip to content

Purge Kerberos tickets

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
function GetKerbSessions
{
  $Sessions = @()
  $WMILogonSessions = Get-WmiObject -Class win32_LogonSession
  foreach ($WMILogonSession in $WMILogonSessions)
  {
    $LUID = [Convert]::ToString($WMILogonSession.LogonID, 16)
    $LUID = '0x' + $LUID
    $Sessions += $LUID
  }
  return $Sessions
}

Write-Host 'WARNING: This script will purge all cached Kerberos tickets on the local computer for all sessions (whether interactive, network or other sessions).'  -backgroundcolor Red 
Write-Host 'In a well-connected environment clients will request and obtain Kerberos tickets on demand without interruption. If not well-connected to a domain controller (remote network) then further network resource authentication may fail or use NTLM if tickets are purged.' -BackgroundColor red
Write-Host 'Confirm whether to purge by entering YES'
$Response = Read-Host

if ($Response -match 'YES')
{
  $Sessions = GetKerbSessions

  foreach ($Session in $Sessions)
  {
    $PurgedTix = klist.exe -li $Session purge
  }
  Write-Host 'All tickets purged!' -backgroundcolor green
}
else
{
  Write-Host 'Confirmation not received. NOT purging tickets.' -backgroundcolor yellow
}