+ Post New Thread
Results 1 to 13 of 13
Windows Thread, How do I extract usernames and Passwords from AD to make a CSV file ? in Technical; How do I extract usernames and Passwords from AD to make a CSV file ?...
  1. #1
    Grommit's Avatar
    Join Date
    Sep 2006
    Location
    Weston-super-Mare
    Posts
    1,335
    Thank Post
    31
    Thanked 54 Times in 31 Posts
    Rep Power
    25

    How do I extract usernames and Passwords from AD to make a CSV file ?

    How do I extract usernames and Passwords from AD to make a CSV file ?

  2. #2
    eejit's Avatar
    Join Date
    Jun 2005
    Location
    Ireland
    Posts
    606
    Thank Post
    52
    Thanked 12 Times in 12 Posts
    Rep Power
    22
    I don't think that there is going to be any way to list passwords from AD - I certainly hope not. A few years ago you could have used something called L0phtcrack from @Stake, but that doesn't work with modern systems. Think of the security risks.

    You CAN use an Active Directory Migration Tool to move accounts from one AD to another though if you like.

    http://www.microsoft.com/downloads/d...displaylang=en

    What do you want this information for?

  3. #3


    Join Date
    Feb 2007
    Location
    Northamptonshire
    Posts
    4,690
    Thank Post
    352
    Thanked 796 Times in 715 Posts
    Rep Power
    347
    We asked ourselves this very question some years ago when we moved to AD. - We then decided that rather than let AD dictate what the data was, we supplied the data to AD so we always have a record which comes in ever so useful when some xyz software wishes the users to "log onto it".

    To answer your question, I too doubt you can without considerable effort.

    Have a look here for some information.

  4. #4

    GrumbleDook's Avatar
    Join Date
    Jul 2005
    Location
    Gosport, Hampshire
    Posts
    9,935
    Thank Post
    1,341
    Thanked 1,784 Times in 1,107 Posts
    Blog Entries
    19
    Rep Power
    595
    I was asked about this at Friday's Northants IT Managers' meeting ... but from the point of testing the complexity of passwords used.

    There is a possible hypothetical scenario that has some major caveats ... and I do mean major.

    Should you wish to perform a brute force attack using some of the tools previously mentioned or other more interesting tools (rainbow hash, etc rather than brute force) then to protect yourself, your network and your users I was always told to do certain things (not that I have ever tried!!! erm ... )

    First, you need to use these tools on a closed network. You are performing this on a machine that has no connections to anything at all!!!! It is a machine that has been set up specifically for this purpose and will be securely wiped as soon as you are happy with it. Any files you remove from it (csv or otherwise) will be scanned with every possible AV and anti-spyware scanner possible. Not all tools (or copies of tools) that you pull down to do the password attack are done by white hat / grey hat coders ... some that you pull down will have backdoors that will then send you info to a remote box and you could be leaving yourself open to attack.

    Second ... the machine that you are running this on, you can now separate it a lot easier than a few years ago by using virtualisation tools. Build a server on VMWare, make it a DC (global catalogue, etc) and make sure everything is hunky dory with it on the network. Then shut it down, clone the image of it, move the image onto a machine that will be away for the network. The Original VMWare box can now be demoted from being a DC and then removed from the domain. Make sure it is completeley removed just in case. If possible also change the admin password too. (it is not paranioa ... it is being safe!)

    So ... we have this VMWare image of a working DC that has all the info on it.

    Make sure that you are not sharing the network or have an shared folders between the image and the host machine. Once you are confident that *nothing* can get from the guest to the host then you can start.

    I would recommend 3 weeks for a brute force attack, and other attacks can be completed a lot sooner (according to information I have read!)

    There are other ways of doing things but the above is the safest I can find / think of.

    Remember that I do not advocate anyone using any form of cracking, hacking, man-in-the-middle or other forms of attack to get information out of systems that is encrypted or protected in anyway, even if it is your network and you need to get the info to complete a body of work.

    All of these attacks rely on physical access (or remote administrator access) to start and complete. Protect your systems by keeping machines secure and patched.

  5. #5
    Grommit's Avatar
    Join Date
    Sep 2006
    Location
    Weston-super-Mare
    Posts
    1,335
    Thank Post
    31
    Thanked 54 Times in 31 Posts
    Rep Power
    25
    Quote Originally Posted by GrumbleDook View Post
    I was asked about this at Friday's Northants IT Managers' meeting ... but from the point of testing the complexity of passwords used.

    There is a possible hypothetical scenario that has some major caveats ... and I do mean major.

    Should you wish to perform a brute force attack using some of the tools previously mentioned or other more interesting tools (rainbow hash, etc rather than brute force) then to protect yourself, your network and your users I was always told to do certain things (not that I have ever tried!!! erm ... )

    First, you need to use these tools on a closed network. You are performing this on a machine that has no connections to anything at all!!!! It is a machine that has been set up specifically for this purpose and will be securely wiped as soon as you are happy with it. Any files you remove from it (csv or otherwise) will be scanned with every possible AV and anti-spyware scanner possible. Not all tools (or copies of tools) that you pull down to do the password attack are done by white hat / grey hat coders ... some that you pull down will have backdoors that will then send you info to a remote box and you could be leaving yourself open to attack.

    Second ... the machine that you are running this on, you can now separate it a lot easier than a few years ago by using virtualisation tools. Build a server on VMWare, make it a DC (global catalogue, etc) and make sure everything is hunky dory with it on the network. Then shut it down, clone the image of it, move the image onto a machine that will be away for the network. The Original VMWare box can now be demoted from being a DC and then removed from the domain. Make sure it is completeley removed just in case. If possible also change the admin password too. (it is not paranioa ... it is being safe!)

    So ... we have this VMWare image of a working DC that has all the info on it.

    Make sure that you are not sharing the network or have an shared folders between the image and the host machine. Once you are confident that *nothing* can get from the guest to the host then you can start.

    I would recommend 3 weeks for a brute force attack, and other attacks can be completed a lot sooner (according to information I have read!)

    There are other ways of doing things but the above is the safest I can find / think of.

    Remember that I do not advocate anyone using any form of cracking, hacking, man-in-the-middle or other forms of attack to get information out of systems that is encrypted or protected in anyway, even if it is your network and you need to get the info to complete a body of work.

    All of these attacks rely on physical access (or remote administrator access) to start and complete. Protect your systems by keeping machines secure and patched.

    I just need it to populate Mylittlehelpdesk..... Ozan asaid that he had a way of doing it but he seems to have vanished just before we go live leaving us up the creek...

  6. #6

    GrumbleDook's Avatar
    Join Date
    Jul 2005
    Location
    Gosport, Hampshire
    Posts
    9,935
    Thank Post
    1,341
    Thanked 1,784 Times in 1,107 Posts
    Blog Entries
    19
    Rep Power
    595
    Quote Originally Posted by Grommit View Post
    I just need it to populate Mylittlehelpdesk..... Ozan asaid that he had a way of doing it but he seems to have vanished just before we go live leaving us up the creek...
    Ah ... you are talking about the AD integration? Pretty sure there are a few members that have it set up already for that. I think Plexor does ...

  7. #7
    ninjabeaver's Avatar
    Join Date
    Jun 2005
    Location
    Norfolk
    Posts
    1,089
    Thank Post
    182
    Thanked 100 Times in 88 Posts
    Rep Power
    46
    Quote Originally Posted by Grommit View Post
    I just need it to populate Mylittlehelpdesk..... Ozan asaid that he had a way of doing it but he seems to have vanished just before we go live leaving us up the creek...
    OP Software Support Site - Bulk Adding of New Users

    and / or

    OP Software Support Site - NTLM setup for seamless login

    is what you are after I think.

  8. #8
    Grommit's Avatar
    Join Date
    Sep 2006
    Location
    Weston-super-Mare
    Posts
    1,335
    Thank Post
    31
    Thanked 54 Times in 31 Posts
    Rep Power
    25
    Quote Originally Posted by GrumbleDook View Post
    Ah ... you are talking about the AD integration? Pretty sure there are a few members that have it set up already for that. I think Plexor does ...

    Quote Originally Posted by ninjabeaver View Post
    Thanks for the advise..

    But not really he is hosting it so it wouldn't be cahtting to my DC AD...,

    Thanks for the Lonks.. I can add bulk users but what I need is the passwords from AD

  9. #9

    Edu-IT's Avatar
    Join Date
    Nov 2007
    Posts
    7,140
    Thank Post
    403
    Thanked 622 Times in 568 Posts
    Rep Power
    181
    Why not just set the passwords yourself and then ask staff to change them when they login? Problem solved.

  10. #10

    Join Date
    Feb 2006
    Location
    Isle of Wight, UK
    Posts
    149
    Thank Post
    28
    Thanked 28 Times in 25 Posts
    Rep Power
    22
    Quote Originally Posted by Grommit View Post
    I can add bulk users but what I need is the passwords from AD
    User passwords are stored in Active Directory using one-way encryption, - ie. you can't reverse the process (without resorting to a brute-force approach which could take a while!). There is a security policy option to change this, but it's not a recommended approach (I'm also not sure what it'll do to existing passwords).

    Stephen

  11. #11
    krisd32's Avatar
    Join Date
    Feb 2006
    Location
    Longridge, Preston
    Posts
    545
    Thank Post
    85
    Thanked 68 Times in 47 Posts
    Rep Power
    43
    You can do this by using csvde to get an export of usernames.
    forgot all the switches and so on but i'm sure a quick google will bring something up.

  12. #12

    localzuk's Avatar
    Join Date
    Dec 2006
    Location
    Minehead
    Posts
    17,684
    Thank Post
    516
    Thanked 2,453 Times in 1,899 Posts
    Blog Entries
    24
    Rep Power
    833
    Quote Originally Posted by Gibbo View Post
    Well said, sir

    Another data loss:

    BBC NEWS | England | West Midlands | Teachers' details on missing disk

    Teachers' details on missing disk

    A computer disk containing the names and addresses of more than 11,000 teachers has gone missing in the post.
    FTA: "The GTC said the information had been encrypted"

  13. #13
    petectid's Avatar
    Join Date
    Jun 2005
    Posts
    298
    Thank Post
    2
    Thanked 15 Times in 13 Posts
    Rep Power
    20
    Quote Originally Posted by eejit View Post
    I don't think that there is going to be any way to list passwords from AD - I certainly hope not. A few years ago you could have used something called L0phtcrack from @Stake, but that doesn't work with modern systems. Think of the security risks.

    You CAN use an Active Directory Migration Tool to move accounts from one AD to another though if you like.

    http://www.microsoft.com/downloads/d...displaylang=en

    What do you want this information for?
    Because he has the administrator password and system access this would not be to difficult with either l0pthcrack also known as LC5, (Symantec who owns the code no longer provide sale or support) or pwdump.

SHARE:
+ Post New Thread

Similar Threads

  1. Replies: 4
    Last Post: 2nd April 2009, 02:50 PM
  2. Replies: 3
    Last Post: 5th July 2008, 11:33 AM
  3. Replies: 6
    Last Post: 29th February 2008, 12:03 AM
  4. Replies: 2
    Last Post: 10th December 2007, 10:30 AM
  5. ical file format to csv convert
    By russdev in forum Windows
    Replies: 2
    Last Post: 1st November 2006, 06:22 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •