<div>
Windows can store passwords in two ways. LM Hash (weak) or NT Hash (pretty <br />
strong if users can come up with a good strong password). <br />
<br />
For LM Hash -- among other things DES is used to create a hash <br />
For NT Hash - MD4 is used.<br />

</div>


Windows can store passwords in two ways. LM Hash (weak) or NT Hash (pretty
strong if users can come up with a good strong password).

For LM Hash -- among other things DES is used to create a hash
For NT Hash - MD4 is used.


<div>
<div class="content wysiwyg-content">
When retrieving the attributes for a user in LDAP or DSML from Active Directory are any of those attributes a hashed form of the user's password (SHA1, MD5, etc?). If not is there a way to enable Active Directory to include a hashed password?
</div>
</div>


When retrieving the attributes for a user in LDAP or DSML from Active Directory are any of those attributes a hashed form of the user's password (SHA1, MD5, etc?). If not is there a way to enable Active Directory to include a hashed password?

LDAP / DSML Authentication Hashes

Active Directory (AD) is a Microsoft brand for identity-related capabilities. In the on-premises world, Windows Server AD provides a set of identity capabilities and services, and is hugely popular (88% of Fortune 1000 and 95% of enterprises use AD). This topic includes all things Active Directory including DNS, Group Policy, DFS, troubleshooting, ADFS, and all other topics under the Microsoft AD and identity umbrella.