Solved

Copy cached Xp password from one PC to another

Posted on 2010-09-15
7
520 Views
Last Modified: 2012-05-10
Hi folks

I have two Windows Xp machines. My account on both machines used to have identical passwords, connected to a domain. I access the network via VPN.

I changed the password on one of the machines (and this change has obviously rolled through Active Directory). Now the other can't connect correctly to the domain. I can still log in to the machine, but when I VPN in it appears to connect but I get messages to lock and unlock the computer. I've done this several times but no luck.

How do I copy the cached password from the one to the other?
0
Comment
Question by:RogerIvy
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 10

Expert Comment

by:jorlando66
ID: 33683135
You can't copy cached passwords.  You may be able to copy the security reg hive from one machine to the other but you would still need to access the registry on the machine you are locked out of.  Try downloading one of the many XP password reset disks out there so you can get into the locked machine.  Then log onto the vpn with your new password.
0
 

Author Comment

by:RogerIvy
ID: 33683293
I can access the registry on both machines, does this help?
0
 
LVL 31

Assisted Solution

by:Justin Owens
Justin Owens earned 166 total points
ID: 33683772
No... It is hashed.  You just cannot copy cached passwords...  To sync your password, you have to physically connect to the domain BEFORE you log in.  Set your VPN to authenticate before your AD does, if you can do that, or take your machine to a place where you can physically connect.

Justin
0
Instantly Create Instructional Tutorials

Contextual Guidance at the moment of need helps your employees adopt to new software or processes instantly. Boost knowledge retention and employee engagement step-by-step with one easy solution.

 
LVL 22

Assisted Solution

by:Adam Leinss
Adam Leinss earned 166 total points
ID: 33683906
You can try exporting HKLM\Security\Cache from one laptop to another.  You will need to run regedit under the account SYSTEM since the SYSTEM account is the owner of this key.  You can do this by using psexec from the Sysinternals PSTOOLS suite:
psexec -s -i regedit.exe
But I wouldn't recommend it...Microsoft goes out of their way to lock you out of this specific registry branch.  You can't just log in as an Administrator and open the key...you have to impersonate yourself as SYSTEM.
0
 
LVL 10

Accepted Solution

by:
jorlando66 earned 168 total points
ID: 33684209
You can log into the vpn before logon by selecting "logon using dial up networking"  Log into the vpn with your correct password and it will auth you into the domain. Or bring the machine into the office and log in there.  I have copied security hives in old versions of windows (98, original XP and 2000 server with some success but have also hosed a machine or two along the way.  Best bet is the vpn or physically bringing the box into the office.
0
 
LVL 31

Expert Comment

by:Justin Owens
ID: 33957849
I have no objections to that resolution.
0

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A project that enables an administrator to perform actions within a user session context not just at the time of login but any time later on day(s) or week(s) later.
A company’s centralized system that manages user data, security, and distributed resources is often a focus of criminal attention. Active Directory (AD) is no exception. In truth, it’s even more likely to be targeted due to the number of companies …
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question