Do generic credentials stored in a user's Vault on a domain-joined machine propagate through a domain?

Asked Mar 01 '18 at 13:16

Active Mar 02 '18 at 12:27

Viewed 666 times

On a Windows Server 2012 R2 domain, we are currently trying to make a specific user aware of some credentials it needs (to connect to some FTP server) through all machines on the domain. Windows Vault (the Credential Manager thing) documentation states that Enterprise-persistent credentials are supposed to be available to the user on subsequent logons on any machine on the domain. What we are trying to do is:

Defining some Enterprise-persistent generic credentials in the vault of the user on the AD (by opening a session in the user's name on the AD)
Reboot all other machines on the domain and log the user on.

What we witnessed on one of the other machines on the domain is:

We logged the user on the machine.
We opened the Credential Manager of the user on the machine.
The Credential Manager does not show the credential in the Vault.

My question is:

Is any of my assumptions wrong?
Is there anything that could impede the propagation of the credentials and what?

edited Mar 02 '18 at 12:27

asked Mar 01 '18 at 13:16

Laurent LA RIZZA

Credentials don't propagate. Also, it isn't clear what you're trying to accomplish or what you're doing to accomplish it. – joeqwerty Mar 01 '18 at 15:32
@joeqwerty: I clarified the question. I wonder why I did not actually talk about the Credential Manager. – Laurent LA RIZZA Mar 02 '18 at 12:28

Do generic credentials stored in a user's Vault on a domain-joined machine propagate through a domain?

0 Answers0