Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

User Account Management

Status
Not open for further replies.

dbsnole

MIS
Jun 25, 2002
21
US
I am trying to manage user passwords across our organization. We are getting ready to implement a firm-wide password policy, but would like to retain a copy of each users' password when they change it. I have auditing turned on and am generating events 4738 and 4723, but there is no content that displays the old and new password.

Am I looking at the wrong events? Is this even possible? If so, I could use some help completing this task. Thanks!
 
For reasons of the most basic security I really don't this is even remotely possible. If this was possible any it admin could turn it on and seamlessly log into anyones machine as the user to cause havoc! If the clients cache the password (which most do) it is stored in the registry but is encrypted.

Regards

Adrian
 
You shouldn't need to keep a copy of their old passwords in a manual fashion. When you edit the GPO to change the password policy there is a setting called "Remember X previous passwords" or something similar to that. It will store the hashes for the previous passwords and ensure that they are not re-using those passwords again for the specified period. Note that these are the hashes, so you still cannot actually view the plaintext of their passwords without running some sort of cracking application.

________________________________________
CompTIA A+, Network+, Server+, Security+
MCTS:Windows 7
MCSE:Security 2003
MCITP:Server Administrator
MCITP:Enterprise Administrator
MCITP:Virtualization Administrator 2008 R2
Certified Quest vWorkspace Administrator
 
I was figuring this was going to be the general response, but that's why i posted it. Thanks for your help!
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top