Refreshing user's group membership in active directory without log-off/log-on

So, when user logs in to their workstation, they receive SIDs of groups they are members of, and this is used for the length of the session, until logging off.

Is there a way to refresh membership SIDs information without actually having to log off and log on again? I've added myself to a group, but can't log off without interrupting running process that requires these permissions. Don't want to have to go through these steps again...


No supported way that I know of. You MAY be able to use RUNAS to start a command prompt with a new session and specify your same account name again... and that may do it... but I'd be running most (if not all) things that need special permissions as services and/or under service accounts.


  • Open Task Manager
  • Kill all instances of explorer.exe
  • Go to File → "New Task (Run...)"
  • Type in cmd
  • In the command prompt type RunAs /user:<domain>\<user> explorer.exe

Done.