locked
Clear Generic Credentials from Credential Manager RRS feed

  • Question

  • Hello,

    I am sorry this might be a dumb question, but I am trying to remove/clear Credential managers from ALL users of a remote computer.  

    The following Script helps me to Clear the credentials from the current user.  This is using CMD "cmdkey"

    for /F "tokens=1,2 delims= " %G in ('cmdkey /list ^| findstr Target') do  cmdkey /delete %H

    I dont know if Powershell can do something similar, but I would like to clear "credential manager" from a remote user by entering his computer name or IP Address

    Thank you

    Friday, August 9, 2019 7:33 PM

Answers

  • I think you need to learn both Windows and PwoerSHell more completely before trying these things.

    No.  You cannot "send" prompts.  Basic Windows would help you understand why this is impossible.

    You can give the use your batch file and let them run it by double clicking it on their desktop.

    Place the file on the "Public" desktop so all users will have it on their desktop.  A user can delete their own stored creds.  You cannot.

    This has nothing to do with PowerShell at all.  It is just basic Windows.  FOr basic Windows questions on how to use Windows post here:

    http://answers.microsoft.com


    \_(ツ)_/


    • Edited by jrv Sunday, August 11, 2019 12:13 AM
    • Marked as answer by mcubac Sunday, August 11, 2019 12:34 AM
    Sunday, August 11, 2019 12:13 AM

All replies

  • There are no PowerShell CmdLets to manage this.

    You can try this:

    [Windows.Security.Credentials.PasswordVault, Windows.Security.Credentials, ContentType = WindowsRuntime]
    $pv = [Windows.Security.Credentials.PasswordVault]::new()
    $pv.RetrieveAll()| 
        Select Username -Unique |
        ForEach-Object{
            $pv.FindAllByUserName($_.UserName)
        } |
        ForEach-Object{
            $pv.Remove($_)
        }
    



    \_(ツ)_/


    • Edited by jrv Friday, August 9, 2019 7:55 PM
    Friday, August 9, 2019 7:46 PM
  • This would be better:

    [Windows.Security.Credentials.PasswordVault, Windows.Security.Credentials, ContentType = WindowsRuntime]
    $pv = [Windows.Security.Credentials.PasswordVault]::new()
    $pv.RetrieveAll()| 
        Select Username -Unique |
        ForEach-Object{
            $pv.FindAllByUserName($_.UserName)
        } |
        ForEach-Object{
            $pv.Remove($_)
        }
    


    \_(ツ)_/

    Friday, August 9, 2019 7:54 PM
  • Thank you so much for your quick response,

    I run the script using my regular and admin account, but i got the following

    IsPublic IsSerial Name                                     BaseType                                                                                                                           
    -------- -------- ----                                     --------                                                                                                                           
    True     False    PasswordVault                            System.Runtime.InteropServices.WindowsRuntime.RuntimeClass  

    And nothing was removed :(

    Thanks!

    Friday, August 9, 2019 8:50 PM
  • Can't be used remotely and must be used elevated. 

    \_(ツ)_/

    Friday, August 9, 2019 8:53 PM
  • Thanks,

    So.... it looks like it might  not be possible using Powershell to a remote user.

    I had this crazy idea and I want to know if it might work.

    Let say I am the Admin and I want to clear all the credentials manager from User 1.

    I know that the following script works because it runs fine as a singular person.

    for /F "tokens=1,2 delims= " %G in ('cmdkey /list ^| findstr Target') do  cmdkey /delete %H

    Can I send a prompt to the user from my Admin PC (using Powershell) like...

    **Do you want to clear your Cache?**

    User can select **Yes or No... **

    When he clicks YES.... Powershell or batch file will copy the tiny script into his computer and open CMD and run it as him?

    Now, I am not sure if Powershell can send that Prompt (Yes or No)

    Saturday, August 10, 2019 11:42 PM
  • I think you need to learn both Windows and PwoerSHell more completely before trying these things.

    No.  You cannot "send" prompts.  Basic Windows would help you understand why this is impossible.

    You can give the use your batch file and let them run it by double clicking it on their desktop.

    Place the file on the "Public" desktop so all users will have it on their desktop.  A user can delete their own stored creds.  You cannot.

    This has nothing to do with PowerShell at all.  It is just basic Windows.  FOr basic Windows questions on how to use Windows post here:

    http://answers.microsoft.com


    \_(ツ)_/


    • Edited by jrv Sunday, August 11, 2019 12:13 AM
    • Marked as answer by mcubac Sunday, August 11, 2019 12:34 AM
    Sunday, August 11, 2019 12:13 AM
  • Thank you!!!

    I have a lot to learn, but you just gave me a good idea :)

    this is another dumb question from me.. but.. is C# and Powershell different apps? or do the same?

    I am just curious .. i was researching it using google, but lots of different answers..

    It is all good if you dont answer it

    Thanks!


    • Edited by mcubac Sunday, August 11, 2019 12:43 AM
    Sunday, August 11, 2019 12:36 AM