NT machine accounts
From: Andy (andy_at_debo.com.nosp)
Date: 10/30/03
- Next message: Kerry Liles: "Re: hacker at microsoft"
- Previous message: Mike Burgess: "Re: surferbar"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 29 Oct 2003 23:17:45 GMT
Hopefully quite easy this one...
Every machine in a domain needs to have a machine account on the PDC.
The name of this account is the machine name with a $ afterwards.
Easy. Like MYSERVER$. But this account has a password...
1. It seems like the password gets issued initially FROM the PDC to
the client i.e. when the machine joins the domain it says 'whats my
password?'. Is this right?
2. Every so often, default 7 days in NT, the machine gets another
password. But is this 'refresh' password generated by the machine and
passed to the PDC or does again the PDC hand the password down to the
machine (after a request from the machine)?
3. The initial password seems to be the machine name. OK. But what
about the subsequent ones i.e. those that get generated every week?
4. How come when I do a lophtcrack on my SAM/registry a lot of the
machine account passwords are blank?
5. Regardless of what end generates the machine account password, how
does it securely tell the other end what password has been generated?
6. What length is the password that is generated? Is it random or
fixed in some way?
Well, OK, it's maybe not that easy to answer after all!! But if
anyone can help it would be great.
Andy
- Next message: Kerry Liles: "Re: hacker at microsoft"
- Previous message: Mike Burgess: "Re: surferbar"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
