Does anyone know how to clear out the Kerberos ticket cache on the local computer - using managed \ unmanaegd code?

Thanks in advance!

I believe you need to do a call to LsaCallAuthenticationPackage using KERB_PURGE_TKT_CACHE_REQUEST after using either LsaConnectUntrusted or LsaRegisterLogonProcess. Sorry no specifics, but I don't have my code for this around...

The most simple way is to take the source code of Microsoft's KList (Included in the platform SDK\ Samples), and to do like them...

There is a "managed C#" example of purging kerberos tickets using pInvoke at https://github.com/ErtiEelmaa/StackOverflow/blob/master/GroupPolicyUtilities.cs

Way too long to copy/paste here. It took some time since structures in pInvoke were invalid(eg someone though C++ LONG is equal to C# LONG and yada-yada), however, I've tested this one, and it worked for me.

Also, I noticed that the Windows server 2003 klist.c has few bugs in PurgeTicket:

• it does not clean up the response
• it double-checks the same "RESULT", instead of checking "RESULT" and then "SUB-RESULT"

The simple, stupid way:

system("kdestroy");

Or if you want to be more legit, just check out the source of a kdestroy implementation. krb5_cc_destroy() seems to be the relevant function call.