Solved

Removal of LAN Manager hashes of legacy user account passwords AD

Posted on 2014-10-22
2
136 Views
Last Modified: 2014-12-10
Hello -

Active Directory is storing LAN Manager (LM) hashes of legacy user account passwords.  We are looking to change service account passwords to force Active Directory to no longer store the LAN Manager (LM) password hash. Some of ours still exist because the account hasn't logged in service account. For example, we have an account called calendar we used for setup, no one has logged in it since the day of setup. How do we go about removing it and others?
0
Comment
Question by:First Last
2 Comments
 
LVL 70

Accepted Solution

by:
Chris Dent earned 500 total points
ID: 40398736
Delete the account if it's not used.

Disabling LAN manager hashes should have no negative impact unless you have something archaic which is explicitly reliant on that.

Chris
0
 
LVL 39

Expert Comment

by:Aaron Tomosky
ID: 40399706
0

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This script can help you clean up your user profile database by comparing profiles to Active Directory users in a particular OU, and removing the profiles that don't match.
In-place Upgrading Dirsync to Azure AD Connect
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question