?
Solved

Can I pull user info from the SAM?

Posted on 2006-10-30
3
Medium Priority
?
144 Views
Last Modified: 2013-12-04
Alright, I'm unfamiliar with Windows Security, so please bear with me. I have an Access application, that pulls information from Active Directory, based on the user's logon. I currently pull their first and last name, logon name, and email address. This is critical as I need it for validation purposes, and the validation for each record works differently depending upon who's logged in, compared to who edited the record previously, so I can't validate using an Access workgroup solely. I need to grab this info, so I can compare it to our staff database, to grab the user's job title which is stored there. Here's the kicker:

We are currently migrating users to XP, from Windows 2000, but this will take many months, and I need this validation completed this week. MANY users are still using Windows 2000. The validation works on XP, but I am told that the way the users accounts are set up, there is no Active Directory for Windows 2000 users. It was suggested that I pull Windows 2000 users info from the SAM file. I know nothing about SAM's, and after reading up on them, I have no clue if it's even possible, or how to go about extracting information for them.

Can anyone tell me if it's possible to extract an email address (or any identifiable personal information) from the SAM, and if so, how to go about it?
0
Comment
Question by:Tyedyeguy
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 11

Accepted Solution

by:
Chris Gralike earned 2000 total points
ID: 17837838
I think querying the system account manager will be verry tough, if even possible. Maybe there are api`s available in the WMI toolset, but not any im aware of. Next to that it might indicate quite a large security leak if it is indeed possible using such api`s. Next to that AD not being available for windows 2k clients sounds just as odd as querying the SAM database.

If there is an AD that works for windows XP clients you might want to reffer to LDAP based queries against the AD the xp clients use... But then again, im not the access person and am not a programmer... :S

Sorry i cant be of more help, but sure enough... querying the sam database? or read the data from a flat file? that sounds like hacking course 1 :P

Regards,
0
 
LVL 56

Expert Comment

by:McKnife
ID: 17845760
"but I am told that the way the users accounts are set up, there is no Active Directory for Windows 2000 users" - ???
Just try it out, I doubt that anything will be different from xp.
0
 

Author Comment

by:Tyedyeguy
ID: 17862477
Sorry, I guess that I left out some information.  I have tried LDAP based queries, and I have tried pulling from AD for our Windows 2000 users. It gave me no errors, so everything appeared to be working. It wasn't until after a week of testing that I found out it wasn't really pulling the data (but everything looked like it was running fine).

I know next to nothing about Windows security, but I have since been told by many people that we don't use AD for our Windows 2000 user accounts. Beyond that, I haven't received any more clarification. It runs fine on my Windows 2000 machine, if I'm signed in using my XP account logon, so I'm quite certain the problem is more in how the user accounts are set up, then the OS itself. We're also migrating to a new network, so that could factor in as well.

I had to solve the problem by creating a table with specific user logon's in it for the users still using their Win2K accounts, as well as their identifiable personal records (first and last name). I compare that against our staff directory. I don't like it, but as a short-term solution, it'll work.

Thanks for the help guys. I'll give the points to Chris since he informed me that it doesn't sound possible.

0

Featured Post

Need protection from advanced malware attacks?

Look no further than WatchGuard's Total Security Suite, providing defense in depth against today's most headlining attacks like Petya 2.0 and WannaCry. Keep your organization out of the news with protection from known and unknown threats.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many people tend to confuse the function of a virus with the one of adware, this misunderstanding of the basic of what each software is and how it operates causes users and organizations to take the wrong security measures that would protect them ag…
Our Group Policy work started with Small Business Server in 2000. Microsoft gave us an excellent OU and GPO model in subsequent SBS editions that utilized WMI filters, OU linking, and VBS scripts. These are some of experiences plus our spending a lo…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
How to fix incompatible JVM issue while installing Eclipse While installing Eclipse in windows, got one error like above and unable to proceed with the installation. This video describes how to successfully install Eclipse. How to solve incompa…
Suggested Courses
Course of the Month11 days, 16 hours left to enroll

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question