Get back user account password.
Hi,
According to this kb article (http://support.microsoft.com/kb/299656/en-us) hashes are stored locally or in the ntds.dit of the DC's. What I understand from that is that the hash is stored locally
for my local PC user account and in the Domain Controller ndts.dit. Wrong or right?.
That's my question, could I recover a domain user account password from a PC where that user has logged on to the domain?, is that password stored in the local SAM file, in the Domain Controller, both, neither of them?. I think that that password is stored
in the domain controllers but need some extra knowledge from the experts.
Thanks in advance.
July 5th, 2011 2:04pm
From the article:
These hashes are stored in the local Security Accounts Manager (SAM) database or in Active Directory.
If you are using an AD domain the passwords used for this domain will be stored in Active Directory. Local users password are stored locally one the computer in the SAM database.
That's my question, could I recover a domain user account password from a PC where that user has logged on to the
domain?,
If a user logon using a domain account then, by default, his credentials are cached locally. In this case, logon using cached credentials is possible.
This
posting is provided "AS IS" with no warranties or guarantees , and confers no rights.
Microsoft
Student Partner 2010 / 2011
Microsoft Certified
Professional
Microsoft Certified
Systems Administrator: Security
Microsoft Certified
Systems Engineer: Security
Microsoft Certified
Technology Specialist: Windows Server 2008 Active Directory, Configuration
Microsoft Certified
Technology Specialist: Windows Server 2008 Network Infrastructure, Configuration
Microsoft Certified
Technology Specialist: Windows Server 2008 Applications Infrastructure, Configuration
Microsoft Certified
Technology Specialist: Windows 7, Configuring
Microsoft Certified
IT Professional: Enterprise Administrator
Free Windows Admin Tool Kit Click here and download it now
July 6th, 2011 4:48pm
How could I get the password from the cahed credentials?.
Thank you.
July 7th, 2011 3:26am