We help IT Professionals succeed at work.

We've partnered with Certified Experts, Carl Webster and Richard Faulkner, to bring you a podcast all about Citrix Workspace, moving to the cloud, and analytics & intelligence. Episode 2 coming soon!Listen Now

x

Can I pull user info from the SAM?

Tyedyeguy
Tyedyeguy asked
on
Medium Priority
166 Views
Last Modified: 2013-12-04
Alright, I'm unfamiliar with Windows Security, so please bear with me. I have an Access application, that pulls information from Active Directory, based on the user's logon. I currently pull their first and last name, logon name, and email address. This is critical as I need it for validation purposes, and the validation for each record works differently depending upon who's logged in, compared to who edited the record previously, so I can't validate using an Access workgroup solely. I need to grab this info, so I can compare it to our staff database, to grab the user's job title which is stored there. Here's the kicker:

We are currently migrating users to XP, from Windows 2000, but this will take many months, and I need this validation completed this week. MANY users are still using Windows 2000. The validation works on XP, but I am told that the way the users accounts are set up, there is no Active Directory for Windows 2000 users. It was suggested that I pull Windows 2000 users info from the SAM file. I know nothing about SAM's, and after reading up on them, I have no clue if it's even possible, or how to go about extracting information for them.

Can anyone tell me if it's possible to extract an email address (or any identifiable personal information) from the SAM, and if so, how to go about it?
Comment
Watch Question

Specialist
Commented:
I think querying the system account manager will be verry tough, if even possible. Maybe there are api`s available in the WMI toolset, but not any im aware of. Next to that it might indicate quite a large security leak if it is indeed possible using such api`s. Next to that AD not being available for windows 2k clients sounds just as odd as querying the SAM database.

If there is an AD that works for windows XP clients you might want to reffer to LDAP based queries against the AD the xp clients use... But then again, im not the access person and am not a programmer... :S

Sorry i cant be of more help, but sure enough... querying the sam database? or read the data from a flat file? that sounds like hacking course 1 :P

Regards,

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts
CERTIFIED EXPERT
Distinguished Expert 2019

Commented:
"but I am told that the way the users accounts are set up, there is no Active Directory for Windows 2000 users" - ???
Just try it out, I doubt that anything will be different from xp.

Author

Commented:
Sorry, I guess that I left out some information.  I have tried LDAP based queries, and I have tried pulling from AD for our Windows 2000 users. It gave me no errors, so everything appeared to be working. It wasn't until after a week of testing that I found out it wasn't really pulling the data (but everything looked like it was running fine).

I know next to nothing about Windows security, but I have since been told by many people that we don't use AD for our Windows 2000 user accounts. Beyond that, I haven't received any more clarification. It runs fine on my Windows 2000 machine, if I'm signed in using my XP account logon, so I'm quite certain the problem is more in how the user accounts are set up, then the OS itself. We're also migrating to a new network, so that could factor in as well.

I had to solve the problem by creating a table with specific user logon's in it for the users still using their Win2K accounts, as well as their identifiable personal records (first and last name). I compare that against our staff directory. I don't like it, but as a short-term solution, it'll work.

Thanks for the help guys. I'll give the points to Chris since he informed me that it doesn't sound possible.

Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.