Windows Server 2000/2003 Thread, Getting User passwords in Technical; To be able to setup new cloud email accounts for our staff I need their usernames and passwords in a ...
20th January 2011, 02:05 PM #1
Getting User passwords
To be able to setup new cloud email accounts for our staff I need their usernames and passwords in a CSV.
Is there any way as an administrator I can do that easily? I can get the usernames from Active directory but the passwords don't seem to show.
I could request them all to send their passwords over email but that seems a little insecure to me
Last edited by zag; 20th January 2011 at 02:08 PM.
20th January 2011, 02:11 PM #2
Why can't you just set them up with a random password? Trying to hack their passwords doesn't sound too clever in my opinion, and could land you in a whole heap of trouble.
I wouldn't even ask a member of staff for their passwords - a password is a personal thing. I'd be pretty miffed if I found out someone hacked my password out of the system.
20th January 2011, 02:14 PM #3
Even on the Windows server, the password itself is not stored, but a hash representing it. These hashes may be copied and then cracking tools run against them, but I think this will only work if they are simple password with no complexity. So, I beleive that what you're asking for cannot be done.
20th January 2011, 02:18 PM #4
I want them to have single sign on so need their passwords to match their network passwords.
Originally Posted by Hightower
20th January 2011, 02:24 PM #5
Especially if it has none reversible encryption setup up.
20th January 2011, 02:24 PM #6
Easiest way, set it up but warn the staff their passwords will be reset. Give them new passwords so that they can login, then set them to force change once you're sorted and got it syncronised which, I'm guessing, will then update the password for the cloud?
20th January 2011, 02:30 PM #7
Single sign on involves having a single place that all the authentication request use. Any other system, as implied above, would require some sort of synchronisation of accounts, allowing for when users change passwords. Also, as the name suggests, single sign on means only having to login once to access multiple services.
20th January 2011, 02:31 PM #8
Which cloud based email system are you using, stuff like live@edu and google mail have utilities to do the single sign-on.
20th January 2011, 02:34 PM #9
Yeah, as tonyd has said, that doesn't sound like SSO to me. I've set many systems up for 'proper' SSO and none of them required me to know my staffs passwords.
Originally Posted by zag
20th January 2011, 03:16 PM #10
If you're talking about Live@edu you could set them up with random passwords and inform users that they would need to change them on first login.... however if you're using some ID management like ILM you could set up PCNS and just get the users to change their AD password which will prompt PCNS to sync that change to the cloud...
Originally Posted by zag
There's no way trying to figure out your own users passwords sounds like a good (or easy, or possible) idea.
20th January 2011, 05:00 PM #11
Yep its for Live@edu, I simply want to setup all of our admin staff (about 15 of them) with accounts as a test.
Ideally I could just tell them to log in with their normal email@example.com and passwords
I took a look at ILM but gave up on about page 20 of the install instructions
I think I will just ask them, its a lot easier.
Last edited by zag; 20th January 2011 at 05:05 PM.
21st January 2011, 10:36 AM #12
If it is for such a small number of test users why not just give them temporary passwords and have them change them? If your admin staff are savvy they won't give up their passwords, and if they do they probably need training about security.
Originally Posted by zag
ILM is probably overkill for a small test, but once it is up and running it takes the headache away from provisioning / de-provisioning at the start and end of every academic year. Best case scenario is that you have it tied in to your MIS, so that when your admin team do the yearly enrollment your AD users and Live@edu accounts are automatically provisioned through ILM (or FIM...).
Outside of Live@du there is a strong case for ID management as more and more systems require some for of ID (MIS, cloud services, databases, VLEs, etc) but have no way to bring it all together.
25th January 2011, 03:42 PM #13
I ended up importing the usernames via ad export >> CSV file and gave them all a password of "password". Users are then asked to change their password on first login.
I did find some software that cracked the passwords called L0phtCrack Password Auditor and it worked perfectly on the 10 test accounts I threw at it but a little expensive to buy the full program. Actually pretty scary what it can do!
Last edited by zag; 25th January 2011 at 03:49 PM.
By albertwt in forum Windows
Last Post: 29th March 2010, 01:01 PM
By Number6 in forum Windows
Last Post: 15th January 2010, 09:53 AM
By PEO in forum Windows Server 2008
Last Post: 3rd June 2009, 12:50 PM
By sidnuts in forum Windows
Last Post: 13th May 2009, 05:54 PM
By Pottsey in forum Windows
Last Post: 30th January 2007, 10:27 PM
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)