• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 178
  • Last Modified:

Removal of LAN Manager hashes of legacy user account passwords AD

Hello -

Active Directory is storing LAN Manager (LM) hashes of legacy user account passwords.  We are looking to change service account passwords to force Active Directory to no longer store the LAN Manager (LM) password hash. Some of ours still exist because the account hasn't logged in service account. For example, we have an account called calendar we used for setup, no one has logged in it since the day of setup. How do we go about removing it and others?
First Last
First Last
1 Solution
Chris DentPowerShell DeveloperCommented:
Delete the account if it's not used.

Disabling LAN manager hashes should have no negative impact unless you have something archaic which is explicitly reliant on that.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free tool for managing users' photos in Office 365

Easily upload multiple users’ photos to Office 365. Manage them with an intuitive GUI and use handy built-in cropping and resizing options. Link photos with users based on Azure AD attributes. Free tool!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now