Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 536
  • Last Modified:

Retrieve user password from Active Directory

Please allow me to preface my question by stating, I am a part of the network admin team within my company.  I have the domain administrator password.  I have access to the pdc and all the users within AD.

That said, I am developing a help desk application for managing inventory, equipment, purchase orders and service tickets.  As part of the service ticket function, I have a customer info page.  When the customer calls, we launch the help desk tool which displays options for viewing outstanding work orders for the department, outstanding work orders for the caller, equipment assigned to the caller and information pertaining the the customer's domain account.  I would like to be able to extract the customer's password from active directory do display on the help desk-customer info page.

Is there a way to do this?  I can retrieve other information about the user (date created, password expiration, home directory, etc)

Again, I can pass the domain administrator password, that's not a problem.

Any help is appreciated

Regards,
Sekans
0
Sekans
Asked:
Sekans
  • 2
  • 2
1 Solution
 
David LeeCommented:
To the best of my knowledge there is no way to extract the password for a user's account in AD.  You can verify or change the password from a program, but I don't believe there's any way to extract the password.  
0
 
jkaiosIT DirectorCommented:
Yub, BlueDevilFan is right!

Except you know exactly the hashing algorithm or a mysteriously hidden API that Windows uses to encrypt a password then you could do it.  But again, till now it still impossible.
0
 
SekansAuthor Commented:
BlueDevilFan and jkaios,

Thank you for your input.  Unfortunately, there was no good answer to my question so I will be making a request to have this question deleted and my points refunded.

Thank you again,
Sekans
0
 
David LeeCommented:
Sekans,

Requesting a refund is fine with me.  I would like to point out however that just because you don't get the answser you want, that doesn't mean the question wasn't answered.  There are some things that just aren't possible.  If there was a way to retrieve the password for an account, then there'd have been no reason for tools like L0phtcrack that use brute force to figure them out.

-- BDF
0
 
SekansAuthor Commented:
BlueDevilFan,

Please forgive my ignorance.  I have since learned that 'it is not possible' is a valid answer.  As such, please accept the points and my gratitude for your efforts.

Regards,
Sekans
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now