Password audit in 2008 DC



Hello,

I have a client that requires a password audit to it´s DC that is on a
win 2008 server system.
Due to the criticity of the service, the client does not allow the
execution of a non proven tool to do the task.

I´m trying to do a simple SAM dump on ths system but I need to know for
sure it´ll work and won´t cause a DOS.

I looked for documentation on fgdump and pwdump7. But I find some
contradicting info stating that the tools will only work as for
extracting the local SAM and not the hole Active Directory.

Does anyone have had a similar case? or a trully working experience in
this? Will this tools affect the service since the Win2008 security
responds differently to the tools dll or service?

Tnx in advance.


------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------