Password audit in 2008 DC
- From: Adrian Rodriguez <adrian.rodriguez@xxxxxxxxxxxx>
- Date: Wed, 14 Apr 2010 20:12:25 -0500
Hello,
I have a client that requires a password audit to it´s DC that is on a
win 2008 server system.
Due to the criticity of the service, the client does not allow the
execution of a non proven tool to do the task.
I´m trying to do a simple SAM dump on ths system but I need to know for
sure it´ll work and won´t cause a DOS.
I looked for documentation on fgdump and pwdump7. But I find some
contradicting info stating that the tools will only work as for
extracting the local SAM and not the hole Active Directory.
Does anyone have had a similar case? or a trully working experience in
this? Will this tools affect the service since the Win2008 security
responds differently to the tools dll or service?
Tnx in advance.
------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board
Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
http://www.iacertification.org
------------------------------------------------------------------------
- Follow-Ups:
- Re: Password audit in 2008 DC
- From: Nikhil Wagholikar
- Re: Password audit in 2008 DC
- Prev by Date: Re: Evaluating Pen Testers
- Next by Date: Re: Password audit in 2008 DC
- Previous by thread: xprobe2-ng patch
- Next by thread: Re: Password audit in 2008 DC
- Index(es):
Relevant Pages
|
