Solved

NT servers SAM file

Posted on 2001-07-16
6
352 Views
Last Modified: 2010-04-11
im just checking our password system for holes.
ive noticed that there are still peoples passowords in our sam file, even though there accounts have been deleted, and they have left.

How can i remove them from the SAM file
as surely its highly important that the SAm file is up to date and compact.

thanks

Si...
0
Comment
Question by:SIMONBRATT
6 Comments
 
LVL 51

Expert Comment

by:ahoffmann
ID: 6286175
do they disappear if you remove the account from User Manager for Domains?
0
 

Author Comment

by:SIMONBRATT
ID: 6289043
as i say there accounts have been removed, so yes from the UMD.

Si...
0
 
LVL 1

Expert Comment

by:auto65888
ID: 6294609
so... if you have removed the users using user manager for domains how are you seeing that there are still passwords for these users?

are you using some pasword cracker like l0phtcrack or something? are you pulling passwords from the sam._ in the c:\winnt\repair directory? if your using the sam._ file you might not have a current copy. run c:\rdisk /s to update the sam._ file with current data.
0
Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

 

Author Comment

by:SIMONBRATT
ID: 6297653
i am using lopht to test our system, and i am using the latest sam by doing exactly as you describe, rdisk /s

So its all a bit weird man.

Any other ideas

si...
0
 
LVL 4

Accepted Solution

by:
andydis earned 50 total points
ID: 6298897
NT or 2000 the SAM file will keep the old user names and passwords BECUASE if you havent noticed you are not allowed to recreate the same user logins once they have been deleted.....
so the sam file remembers them so you cannot set them up again!

if you want to get rid of them you may be able to copy the sam file from your BDc (backup domain controller)...
or you still maybe able to hex edit them out.....

There is a add on for 2k and NT that puts hashes in your sam file to make them harder to crack if thats what your worried about  , however if your worried about space i would concentrate on other subjects such as temp files etc etc etc......

Please bear in mind that if you are worried about security sam._ whether in the repair directory or c:\winnt\system32 if very hard to get hold of and is always in use (locked) by NT... i mean you are gonna notice sum1 has taken a copy one way or another...

thats enough blah blah blah for 50 points
0
 

Author Comment

by:SIMONBRATT
ID: 6301292
I'll be the one to let you know when theres been enough Blah Blah for 50 points.
Its quality not quantity that counts.
But as its happens that'll do nicely..

cheers
0

Featured Post

Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Blocking content from YouTube 3 93
7 camera surveillance system hacked 6 51
Open Encryption Software Advice needed 4 51
php extract($_REQUEST) 5 46
With healthcare moving into the digital age with things like Healthcare.gov, the digitization of patient records and video conferencing with patients, data has a much greater chance of being exposed than ever before.
Knowing where your website is hosted is as important as the features you receive, the monthly fee, and the support you receive. Due diligence should be done when choosing your next hosting provider.
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question