This topic contains 2 replies, has 3 voices, and was last updated by
September 23, 2019 at 4:41 pm #179088ParticipantTopics: 50Replies: 51Points: 279Rank: Contributor
Wondering if anyone has had any experience or knows of a beginning PS topic of research regarding Extracting/Migrating Active Directory password hashes.
My company hosts a remote environment where a client can RDP / Citrix into our terminal server cluster to access their hosted application resources. Often, these clients have their own local Active Directory Domain with their own set of passwords. These clients frequently get confused where they believe they use their local AD account to try to authenticate to their remote hosted environment and not sure why they can't login.
End game is that I would like to have something that will extract their hashed password on their local domain and automatically import that hash to their remote hosted environment so both accounts are always in sync.
I have no desire to recover the original password, but just to move the hash from one AD structure to another.
I have been reading about the unicodePwd password attribute, but not sure if this is the correct starting point regarding this problem.
September 23, 2019 at 5:46 pm #179121ParticipantTopics: 4Replies: 76Points: 91Rank: Member
At least in the AD migration you can use this: https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc974435(v=ws.10)?redirectedfrom=MSDN
September 23, 2019 at 6:02 pm #179130
You must be logged in to reply to this topic.