Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Export Active Directory passwords ?

Posted on 2010-09-15
8
1,258 Views
Last Modified: 2012-06-22
Hello
our security team asks me if it is possible to export the Active Directory password for a given user. It seems that we are victim of far east hackers and they would like to understand how this happened. We are using WIndows Server 2003 R2.

Pierrot
0
Comment
Question by:siuf
  • 4
  • 3
8 Comments
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 33688744
Nope, this is not possible. You can use some hacker's tools to guess password but it is not very nice. By default it is not possible to export passwords in clear text.
0
 

Author Comment

by:siuf
ID: 33688799
I do not want the passwords in clear text! I could have asked the question in another form: where does AD store the passwords ? My task is to give the password of a user to the security team, no to crack that password.
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 33688838
All AD information is stored on domain controller in NTDS.DIT database. If you have enabled "Logon cache" on your workstations then actual password is stored in user's profile in NTUSER.DAT file.
0
Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 

Author Comment

by:siuf
ID: 33688850
I have 2 ntds.dit files: one stored in c:\windows\system32 which is 6 MB big, dated Feb. 2007, and another one which is 532 MB big, dated today, stored in c:\windows\ntds. Which one is the good one ? I suppose it's the bigger one.
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 33688909
yes, that file located in c:\windows\ntds is the valid one
0
 

Author Comment

by:siuf
ID: 33688937
Ok, thank you. Last question: I found in our GPO Default Domain Policy that we use "Store passwords using reversible encryption --> disabled". I understand this as "even if I can get the encrypted password, I will not be able to decrypt it". Right ?
0
 
LVL 1

Accepted Solution

by:
GMontag451 earned 250 total points
ID: 33689122
Use fgdump (http://www.foofus.net/~fizzgig/fgdump/downloads.htm) to export passwords from AD. You can give it a list of usernames to dump the encrypted passwords for, or you can dump the whole lot.
0
 

Author Closing Comment

by:siuf
ID: 33689231
Thank you, I got finally a dump file which I can send to the security team.
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Learn about cloud computing and its benefits for small business owners.
In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question