LC5

Toggle sidebar Toggle sidebar
G

Guest

Guest
Archived from groups: microsoft.public.win2000.security (More info?)

Hello,

I used LC5 to retreive passwords from my domain when installed LC5 on a
member server and went for the LAN Manager hash on the Domain Controller. In
order to get this done I had to have Domain Admin priviledges.

Does this happened because the setting on the GPO "Network Security: Do not
store LAN Manager has value on next password change" is currently set to
'Not Defined'

If I set this up to Enable on the DC will this change the full scenario?

However,

--

Sincerely,

Héctor L. Graxirena - President & CEO
HoBITS, Inc.
813.716.6814
http://www.hobits.com
hgraxirena@hobits.com

This message contains information that may be confidential and privileged.
Unless you are the addressee (or authorized to receive for the addressee),
you may not use, copy, or disclose to anyone this message or any information
contained in this message. If you have received this message in error,
please advise the sender by reply e-mail, and delete or destroy this
message. You may contact the following security email if you have received
this e-mail in error: secmail@hobits.com
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.security (More info?)

No, AFAIK, the documentation for LC5 may indicate that this is a requirement
of Windows 2000 and newer, due to hardening done to prevent non-admins from
accesing the user store. I believe pwdump2 and 3 have the same limitations.

The setting you mention should not have any effect on this one way or
another, nor am I aware of a setting that will change this behavior.


"GX" wrote:

> Hello,
>
> I used LC5 to retreive passwords from my domain when installed LC5 on a
> member server and went for the LAN Manager hash on the Domain Controller. In
> order to get this done I had to have Domain Admin priviledges.
>
> Does this happened because the setting on the GPO "Network Security: Do not
> store LAN Manager has value on next password change" is currently set to
> 'Not Defined'
>
> If I set this up to Enable on the DC will this change the full scenario?
>
> However,
>
> --
>
> Sincerely,
>
> Héctor L. Graxirena - President & CEO
> HoBITS, Inc.
> 813.716.6814
> http://www.hobits.com
> hgraxirena@hobits.com
>
> This message contains information that may be confidential and privileged.
> Unless you are the addressee (or authorized to receive for the addressee),
> you may not use, copy, or disclose to anyone this message or any information
> contained in this message. If you have received this message in error,
> please advise the sender by reply e-mail, and delete or destroy this
> message. You may contact the following security email if you have received
> this e-mail in error: secmail@hobits.com
>
>
>
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.security (More info?)

You would have to be logged on or use domain administrator credentials to
use LC5 to retrieve domain passwords from a domain controller. That is
normal and the way it should be. It would not matter whether the security
option is enabled or undefined. One it is enabled, XP Pro and Windows 2003
computers under the scope of influence of that security policy -
local/domain/OU will no longer create lm hashes for passwords. Existing lm
hashes will remain until users password is changed. Windows 2000 computer
require a registry mod to disable lm hashes. --- Steve


"GX" <GX@DOMAIN.com> wrote in message
news:0xd9d.74424$Of3.66373@tornado.tampabay.rr.com...
> Hello,
>
> I used LC5 to retreive passwords from my domain when installed LC5 on a
> member server and went for the LAN Manager hash on the Domain Controller.
> In order to get this done I had to have Domain Admin priviledges.
>
> Does this happened because the setting on the GPO "Network Security: Do
> not store LAN Manager has value on next password change" is currently set
> to 'Not Defined'
>
> If I set this up to Enable on the DC will this change the full scenario?
>
> However,
>
> --
>
> Sincerely,
>
> Héctor L. Graxirena - President & CEO
> HoBITS, Inc.
> 813.716.6814
> http://www.hobits.com
> hgraxirena@hobits.com
>
> This message contains information that may be confidential and privileged.
> Unless you are the addressee (or authorized to receive for the addressee),
> you may not use, copy, or disclose to anyone this message or any
> information contained in this message. If you have received this message
> in error, please advise the sender by reply e-mail, and delete or destroy
> this message. You may contact the following security email if you have
> received this e-mail in error: secmail@hobits.com
>
 
You must log in or register to reply here.

TRENDING THREADS

Latest posts

Moderators online

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom