Perhaps I should ask 2 or three questions but since these are all related, here they are:
Situation: Multiple Windows 2019 Standard DCs synchronized. Windows 10 Pro workstations joined to the domain. We are changing Group Memberships on a DC script. Seems to work fine except for on one workstation / User.
As a practical matter, if necessary we prefer to restart the computer and logon the User in place of doing a logoff/logon of the User. For this purpose I don't see that this would matter (?).
Using: whoami.exe /groups net groups User /domain
DC replication is done as part of the change process and appears to be doing what it should. On one workstation/User, after the group membership change, the whoami command seems to "stick" at the old state. The net groups command changes to the new state. The lingering state shown with the whoami command appears to be the operative state.
So, here are the questions:
- When the whoami command is given, where it the data that it will use to report? (e.g. on the DC or on the workstation?)
- Is there more than one possible source for this information? (e.g. a cache perhaps)
- When the net groups command is given, where it the data that it will use to report? (e.g. on the DC or on the workstation?)
- Is there more than one possible source for this information? (e.g. a cache perhaps)
I've tried klist purge restart the computer and logon to User
So, a final question would be: How to force the state reported by whoami /groups to update?
