We help IT Professionals succeed at work.

NTLM user database

najma asked
is there a NTLM user database where the logon username&
password 'll be stored?.can we access usernames&passwords
for authentication using NTLM?
Watch Question

NTLM is the protocol, SAM (Security Access Manager) is the set of databases used.
Yes, as well as through normal NT Server and desktop OS interfaces the SAM can also be accessed through API's. E.g. ADSI (Active Directory System Interface) already exists from the pre-ADS times and has calls which work also on the SAM.

Hope this helps,

<Erik> - The Netherlands

Just to add my contribution: the username/password pairs are actually stored nowhere in NT. What's stored is a password hash derived from the password, so accessing the database is useless, since the hashes cannot be reverted to the original password.

If you wish to, you find the data in the \winnt\system32\config\sam file. You can peek into the file if you use good old regedt32.exe, set focus on HKLM root, and then open the file using the "load structure" menu. To get at the file it needs to be offline, so you need a second NT version, or use tricks like rdisk /s or the NT backup program to get at the unlocked file. Unfortunately, if you look into it you see the user- and group names, but the rest of the data is all encrypted.

Armin Linder
ADMINISTRATION WILL BE CONTACTING YOU SHORTLY.  Moderators Computer101 or Netminder will return to finalize these if still open in seven days.  Please post closing recommendations before that time.

Question(s) below appears to have been abandoned. Your options are:
1. Accept a Comment As Answer (use the button next to the Expert's name).
2. Close the question if the information was not useful to you, but may help others. You must tell the participants why you wish to do this, and allow for Expert response.  This choice will include a refund to you, and will move this question to our PAQ (Previously Asked Question) database.  If you found information outside this question thread, please add it.
3. Ask Community Support to help split points between participating experts, or just comment here with details and we'll respond with the process.
4. Delete the question (if it has no potential value for others).
   --> Post comments for expert of your intention to delete and why
   --> YOU CANNOT DELETE A QUESTION with comments; special handling by a Moderator is required.

For special handling needs, please post a zero point question in the link below and include the URL (question QID/link) that it regards with details.
Please click this link for Help Desk, Guidelines/Member Agreement and the Question/Answer process.  http://www.experts-exchange.com/jsp/cmtyHelpDesk.jsp

Click you Member Profile to view your question history and keep them updated as the collaboration effort continues, to maintain your open and locked questions.  If you are a  KnowledgePro user, use the Power Search option to find them.  Anytime you have questions which are LOCKED with a Proposed Answer which does not serve your needs, please reject it and add comments as to why.  In addition, when you do grade the question, if the grade is less than an A, please add a comment as to why.  This helps all involved, as well as future persons who may access this item for help.

To view your open questions, please click the following link(s) and keep them all current with updates.

------------>  EXPERTS:  Please leave your closing recommendations if this item remains inactive another seven (7) days.  If you are interested in the cleanup effort, please click this link http://www.experts-exchange.com/jsp/qManageQuestion.jsp?ta=commspt&qid=20274643 
POINTS FOR EXPERTS awaiting comments are listed here -> http://www.experts-exchange.com/commspt/Q.20277028.html

Moderators will finalize this question if still open in @7 days, by either moving this to the PAQ (Previously Asked Questions) at zero points, deleting it or awarding expert(s) when recommendations are made, or an independent determination can be made.  Expert input is always appreciated to determine the fair outcome.
Thank you everyone.
Moderator @ Experts Exchange
Zero response from anyone, finalized (first response accepted)
Moondancer - EE Moderator

Explore More ContentExplore courses, solutions, and other research materials related to this topic.