Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Recovering a password in Active Directory

Status
Not open for further replies.
ScottWIT

ScottWIT

IS-IT--Management
May 22, 2007
145
US
I come from an environment where I stored the user passwords and knew all of them... now however I'm at a place where the users are creating their own passwords and I have no list of them. I need a way to find out various passwords at times for obvious reasons. What is the best way to go about doing that in AD instead of just resetting them?

 
Sort by date Sort by votes
I can't think of any "obvious" reasons to need to know someone's passwords. Can you explain further what these "obvious" reasons are?

Domain administrators can log-in and see anything on any device on the domain, so there really is no reason to need someone else's password.
 
Upvote 0 Downvote
Haha... I am getting the feeling you think I am not a Network Admin. I am, but I freely admit I'm still new (3 years into it) so I likely don't have all of the knowledge you do yet which is why I'm asking this question.

Here's an example... I started here 5 months ago and somebody today asked me the password for a login that was created before I got here. It's a login that tech support people will use on occasion. I didn't know it so how can I find out without resetting it?

 
Upvote 0 Downvote
you don't. Reset it if needed.

Pat Richard, MCSE MCSA:Messaging CNA
Microsoft Exchange MVP
 
Upvote 0 Downvote
ok, if that's the general thinking among most admins then i'm fine with that. the only risk is if i reset a password on a login that is still active then they will be locked out but having them call me is not the end of the world i suppose.

 
Upvote 0 Downvote
If it's a generic account that many people use, the user should be able to ask one of the other folks what the password is. Otherwise resetting it and communicating the new password to the group is the only thing I know.

Good luck,
 
Upvote 0 Downvote
i agree - the only time i use a user's account for troubleshooting is when they are present.

i make sure to tell people that i can't see their current password, but if necessary i can reset it.

i don't think it would be wise to be able to impersonate anyone on the network - there is a difference between acting as a user and having access to user resources...
 
Upvote 0 Downvote
As long as it is not an account used to start a service on a server, there should be no issues resetting the password.

--------------------------------------
"Insert funny comment in here!"
--------------------------------------
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

julis2103
  • Locked
  • Question
Active Directory
Replies
0
Views
84
julis2103
julis2103
goombawaho
  • Locked
  • Question
Microsoft Azure Active Directory - Backup Admin Account 1
Replies
2
Views
328
goombawaho
goombawaho
ravalos
  • Locked
  • Question
Problem with PDFs in IIS
Replies
1
Views
467
gbaughma
gbaughma
Aquiles Vidal
  • Locked
  • Question
Web Browsers in Windows Server or Terminal Server
Replies
0
Views
259
Aquiles Vidal
Aquiles Vidal
Mohamed-IT
  • Locked
  • Question
Windows server 2019 password locked
Replies
1
Views
78
strongm
strongm

Part and Inventory Search

Sponsor

Back
Top