Migrating Active Directory Passwords

Welcome Forums General PowerShell Q&A Migrating Active Directory Passwords

Viewing 2 reply threads
  • Author
    Posts
    • #179088
      Participant
      Topics: 53
      Replies: 54
      Points: 327
      Rank: Contributor

      Wondering if anyone has had any experience or knows of a beginning PS topic of research regarding Extracting/Migrating Active Directory password hashes.

      Summary:

      My company hosts a remote environment where a client can RDP / Citrix into our terminal server cluster to access their hosted application resources.   Often, these clients have their own local Active Directory Domain with their own set of passwords.  These clients frequently get confused where they believe they use their local AD account to try to authenticate to their remote hosted environment and not sure why they can't login.

      End game is that I would like to have something that will extract their hashed password on their local domain and automatically import that hash to their remote hosted environment so both accounts are always in sync.

      I have no desire to recover the original password, but just to move the hash from one AD structure to another.

      I have been reading about the unicodePwd password attribute, but not sure if  this is the correct starting point regarding this problem.

      https://social.technet.microsoft.com/Forums/ie/en-US/63e3cf2d-f186-418e-bc85-58bdc1861aae/view-password-hash-in-active-directory?forum=winserverfiles

       

       

       

       

       

    • #179121
      Participant
      Topics: 5
      Replies: 105
      Points: 264
      Helping Hand
      Rank: Contributor
    • #179130
      Participant
      Topics: 9
      Replies: 427
      Points: 712
      Helping Hand
      Rank: Major Contributor

      You can use MIM to sync user accounts from one AD domain to another (including passwords)

Viewing 2 reply threads
  • The topic ‘Migrating Active Directory Passwords’ is closed to new replies.