Re: Export Passwords from AD
- From: "Paul Bergson" <pbbergs@xxxxxxxxxxxxx>
- Date: Tue, 13 Jan 2009 09:27:35 -0600
Ok, not that I am an expert on hashing but I didn't think there was a supported way to do it. So that was the premise of my answer. Appreciate the follow up though, I am still trying to learn all the intricate info.
--
Paul Bergson
MVP - Directory Services
MCTS, MCT, MCSE, MCSA, Security+, BS CSci
2008, 2003, 2000 (Early Achiever), NT4
http://www.pbbergs.com
Please no e-mails, any questions should be posted in the NewsGroup This
posting is provided "AS IS" with no warranties, and confers no rights.
"Michael Ströder" <michael@xxxxxxxxxxxx> wrote in message news:clju36-2fv.ln1@xxxxxxxxxxxxxxxxxxx
Jorge de Almeida Pinto [MVP - DS] wrote:it can be done (exporting hashes)....
This won't help since the NT hashes are probably not MD5 or SHA-1 (which
was what the original poster asked for). Also in later versions of AD
the has method could change...
Ciao, Michael.
"Paul Bergson" <pbbergs@xxxxxxxxxxxxx> wrote in message
news:7353BE1E-F0B5-460E-ADF6-9B566DD5AB74@xxxxxxxxxxxxxxxx
When you change your password in AD, there is the option of using a
filtering option. This is how third party password filters work. Vendors
write code that will inspect the password change before it is actually
approved and processed by AD. You could write code (Extremely diffciult
and wouldn't suggest it and could open up security holes) to filter the
password before it is passed along.
http://msdn.microsoft.com/en-us/library/ms721884(VS.85).aspx
As far as exporting hashes, etc... I don't believ it can be done.
Please no e-mails, any questions should be posted in the NewsGroup This
posting is provided "AS IS" with no warranties, and confers no rights.
"Irwin Fletcher" <fffletch@xxxxxxxxxxxxx> wrote in message
news:OJo$RgmcJHA.1528@xxxxxxxxxxxxxxxxxxxxxxx
Hmm, interesting. The IIFP appears to be free but MIIS and / or ILM
don't. Can the IIFP do what I need on its own? Or does that have to
work in coordination with either MIIS or ILM?
Maybe a better questions is, can MIIS and / or ILM export password hashes
or clear text passwords from an Active Directory?
Meinolf Weber [MVP-DS] wrote:Hello Irwin,
What will you achive with that? Maybe MIIS/IIFP can help you.
http://technet.microsoft.com/en-us/miis/default.aspx
http://www.microsoft.com/downloads/details.aspx?familyid=d9143610-c04d-41c4-b7ea-6f56819769d5&displaylang=en
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and
confers no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
I am looking for a way to export passwords from Active Directory.
From my understanding only hashes are stored. I can accept them as
hashes (only MD5 or SHA-1) if they can only be exported that way. And
if possible I'd like to do it over LDAP but I'm open to just about
anything. Anyone have any ideas?
.
- Follow-Ups:
- Re: Export Passwords from AD
- From: Joe Kaplan
- Re: Export Passwords from AD
- References:
- Export Passwords from AD
- From: Irwin Fletcher
- Re: Export Passwords from AD
- From: Meinolf Weber [MVP-DS]
- Re: Export Passwords from AD
- From: Irwin Fletcher
- Re: Export Passwords from AD
- From: Paul Bergson
- Re: Export Passwords from AD
- From: Jorge de Almeida Pinto [MVP - DS]
- Re: Export Passwords from AD
- From: Michael Ströder
- Export Passwords from AD
- Prev by Date: Re: win 2008 Child domain creation issue
- Next by Date: Re: recource mailbox to account
- Previous by thread: Re: Export Passwords from AD
- Next by thread: Re: Export Passwords from AD
- Index(es):
Relevant Pages
|
