Retrieve user password from Active Directory

Posted on 2004-09-07
Last Modified: 2012-06-27
Please allow me to preface my question by stating, I am a part of the network admin team within my company.  I have the domain administrator password.  I have access to the pdc and all the users within AD.

That said, I am developing a help desk application for managing inventory, equipment, purchase orders and service tickets.  As part of the service ticket function, I have a customer info page.  When the customer calls, we launch the help desk tool which displays options for viewing outstanding work orders for the department, outstanding work orders for the caller, equipment assigned to the caller and information pertaining the the customer's domain account.  I would like to be able to extract the customer's password from active directory do display on the help desk-customer info page.

Is there a way to do this?  I can retrieve other information about the user (date created, password expiration, home directory, etc)

Again, I can pass the domain administrator password, that's not a problem.

Any help is appreciated

Question by:Sekans
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
LVL 76

Accepted Solution

David Lee earned 500 total points
ID: 12001454
To the best of my knowledge there is no way to extract the password for a user's account in AD.  You can verify or change the password from a program, but I don't believe there's any way to extract the password.  
LVL 12

Expert Comment

ID: 12006361
Yub, BlueDevilFan is right!

Except you know exactly the hashing algorithm or a mysteriously hidden API that Windows uses to encrypt a password then you could do it.  But again, till now it still impossible.

Author Comment

ID: 12560736
BlueDevilFan and jkaios,

Thank you for your input.  Unfortunately, there was no good answer to my question so I will be making a request to have this question deleted and my points refunded.

Thank you again,
LVL 76

Expert Comment

by:David Lee
ID: 12561420

Requesting a refund is fine with me.  I would like to point out however that just because you don't get the answser you want, that doesn't mean the question wasn't answered.  There are some things that just aren't possible.  If there was a way to retrieve the password for an account, then there'd have been no reason for tools like L0phtcrack that use brute force to figure them out.

-- BDF

Author Comment

ID: 12565696

Please forgive my ignorance.  I have since learned that 'it is not possible' is a valid answer.  As such, please accept the points and my gratitude for your efforts.


Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are many ways to remove duplicate entries in an SQL or Access database. Most make you temporarily insert an ID field, make a temp table and copy data back and forth, and/or are slow. Here is an easy way in VB6 using ADO to remove duplicate row…
Enums (shorthand for ‘enumerations’) are not often used by programmers but they can be quite valuable when they are.  What are they? An Enum is just a type of variable like a string or an Integer, but in this case one that you create that contains…
Get people started with the process of using Access VBA to control Outlook using automation, Microsoft Access can control other applications. An example is the ability to programmatically talk to Microsoft Outlook. Using automation, an Access applic…
Show developers how to use a criteria form to limit the data that appears on an Access report. It is a common requirement that users can specify the criteria for a report at runtime. The easiest way to accomplish this is using a criteria form that a…

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question