Pricing  Get Quote

Cached Credentials

Update Windows cached credentials using ADSelfService Plus

Research has shown that up to 30 percent of all calls to the help desk are due to forgotten passwords. While help desk technicians handle these calls in most situations, they become powerless when the requests come from remote users. These users use locally cached Active Directory credentials to log on to their machines. When the user is away from the office, the help desk cannot change users' cached credentials in their machines remotely. And, with users becoming increasingly mobile, forgotten passwords could cause major business interruptions.

ADSelfService Plus, the web-based self-service password management solution, allows users to securely reset their passwords in Active Directory and also automatically update the cached domain credentials on their machines.

What are cached credentials?

When users log on to an Active Directory domain, a form of the logon information is cached locally on their machines. This cached credential makes it easy for users to log on to their Windows machines when they have no way of reaching the domain controller for authentication.

However, when a user forgets the password and it is reset in Active Directory by the IT help desk, the cached domain credentials in the users' machines are rendered inaccurate. Then, the user will not be able to access their machines; even the help desk technicians cannot assist them because resetting the password in Active Directory will not update the cached credentials as the help desk technicians cannot change password remotely.

Reset cached Windows domain password

ADSelfService Plus comes bundled with a GINA/CP client, which when installed, places the Reset Password/Account Unlock link right on the Windows logon screen. By clicking this link , users can reset their domain passwords. After a successful remote password reset, the cached password is automatically updated in users' machines.

Remote Self-Service: How ADSelfService Plus Updates Cached Credentials?

Cached Credentials Update

  • When remote users forget their passwords, they can use ADSelfService Plus’s GINA/CP client to reset their password right from the logon screen of their machines. For more information on the GINA/CP client, click here.
  • ADSelfService Plus resets the password in Active Directory and notifies the GINA/CP client that the reset operation is successful.
  • The GINA/CP client establishes a secure connection with the Active Directory through a VPN client, such as Fortinet and Cisco AnyConnect, and initiates a request for updating the local cached credentials.
  • After the request is approved by Active Directory, the cached credentials are updated in the users' machines.
  • After the request is approved by Active Directory, the cached credentials are updated in the users' machines.
    Click here for a step-by-step guide on how to enable cached password update and configure VPN settings.


Completely eliminate password reset calls: Empowering remote users with password self-service and auto-update of cached credentials will completely eliminate password reset requests.

Improve employee productivity: Remote users will have the ability to regain access to their machines quickly even if they forget their passwords. This avoids any major business interruptions.

Reduce costs: The cost associated with calling the help desk and creating a password reset ticket and then bringing the machine to a corporate location for re-authentication to the AD domain and cache the new credentials is time-consuming and expensive. ADSelfService Plus eliminates this with auto-update of cached credentials.

Allow remote users to reset passwords & update the locally cached credentials. 

  Download a free trial now!  Request demo

Password self-service

Free Active Directory users from attending lengthy help desk calls by allowing them to self-service their password resets/ account unlock tasks. Hassle-free password change for Active Directory users with ADSelfService Plus ‘Change Password’ console. 

One identity with Single sign-on

Get seamless one-click access to 100+ cloud applications. With enterprise single sign-on, users can access all their cloud applications with their Active Directory credentials. Thanks to ADSelfService Plus! 

Password/Account Expiry Notification

Intimate Active Directory users of their impending password/account expiry by mailing them these password/account expiry notifications.

Password Synchronizer

Synchronize Windows Active Directory user password/account changes across multiple systems, automatically, including Office 365, G Suite, IBM iSeries and more. 

Password Policy Enforcer

Ensure strong user passwords that resist various hacking threats with ADSelfService Plus by enforcing Active Directory users to adhere to compliant passwords via displaying password complexity requirements.

Directory Self-UpdateCorporate Search

Portal that lets Active Directory users update their latest information and a quick search facility to scout for information about peers by using search keys, like contact number, of the personality being searched.

ADSelfService Plus trusted by

A single pane of glass for complete self service password management