How does a legal administrator get a user password in ActiveDirectory?

Question

How does a legal administrator get a user password in ActiveDirectory?

If the password is stored with reversible encryption in Active Directory, how does the administrator / developer extract and decrypt this password?

In particular, I mean this parameter.

+3

windows passwords encryption active-directory

CHI Coder 007 Sep 16 '10 at 13:35

source share

2 answers

:

, : ( 1)
, : ( 2)

RevDump .

, .

+4

Dirk Vollmar 16 . '10 13:42

Michael Grafnetter · Accepted Answer · 2015-08-04T19:38:32+0000

Although Dirk's answer is correct, the RevDump tool only works on Windows Server 2003, since newer versions of Windows store reversibly encrypted passwords in a different way . So I created a new tool that supports Windows Server 2008+.

The simplest use case:

Get-ADReplAccount -SamAccountName April -Domain Adatum -Server LON-DC1

():

DistinguishedName: CN=April Reagan,OU=IT,DC=Adatum,DC=com
Sid: S-1-5-21-3180365339-800773672-3767752645-1375
SamAccountName: April
SamAccountType: User
NTHash: 92937945b518814341de3f726500d4ff
SupplementalCredentials:
  ClearText: Pa$$w0rd

How does a legal administrator get a user password in ActiveDirectory?

More articles: