Comments (5)
@Sinokra LDS data decryption has been present in DSInternals for a long time and is supported on WS 2003-2019 databases, see
Decryption key loader is implemented here:
I still have not finished rewriting schema loading code so that it can also read LDS accounts from the DB.
from dsinternals.
Hi @MichaelGrafnetter ,
Sorry to come back on this enhancement: does DSInternals is handling ADAM/AD LDS for either process (ADDBAccount) the NTDS file or use the ADReplAccount to retrieve password hashes ?
If not do you plan to include it ? Or do you know a tool to achieve this ?
Thanks a lot for your feedbacks.
Vivien
from dsinternals.
Hi @Sinokra , I don't know of any other tool supporting this. DSInternals requires a major rewrite of shcema loading to support this and I have already started working on it. The thing is that accounts in LDS/ADAM are not just user or inetOrgPerson classes. If at least one of the following statements applies to an object class within an AD LDS schema, then each instance of that object class functions as an AD LDS user:
- The object class contains msDS-BindableObject as a static auxiliary class.
- The object class contains a static auxiliary class that is a subclass of msDS-BindableObject.
- The object class is a subclass of another object class that satisfies statement 1 or 2.
from dsinternals.
Hi @MichaelGrafnetter, thanks a lot for these precisions, and really sorry for the delay in my answer I had to deal with something else, but now I'm back on the AD LDS topic.
I'm still needing to export the password hashes from an AD LDS. I don't know when DS Internal will handle this "technology" but I have tried to do the job on my own by processing the NTDS.dit file. Nevertheless I'm struggling in the final step I guess and if I may, I would need your expertise:
- Do you know in which algorithm the password attribute is encrypted (on top of the hash) ?
- Do you know where to find the master key ? Is is the so-called Boot Key (aka SysKey) ?
Thanks a lot for your insights on this Michael, very appreciated.
from dsinternals.
@MichaelGrafnetter if there a plan to make this enhancement available? @Sinokra did you find a way to export the hashes?
from dsinternals.
Related Issues (20)
- Empty Password not returning full results HOT 3
- DSInternals.Replication.Interop.dll - File not found Exception on .NET 7/Core HOT 1
- ERROR: Package 'dsinternals' requires a different Python: 2.7.18 not in '>=3.4' HOT 1
- Unable to find pekList column Id? HOT 5
- Performance on very large databases? HOT 1
- Set-ADDBCompatibility HOT 1
- Extract users from specific OU or CN using DSInternals.Replication HOT 1
- Cmdlet for offline user unlock
- Password in plain text is missing HOT 1
- Modified Get-ADDBAccount to include more attributes : Object reference not set to an instance of an object. HOT 2
- Password Quality Result HOT 2
- Troubleshooting
- Memory consumption when running Get-ADDBAccount command HOT 1
- Get-ADReplAccount : The input is shorter than the minimum length. HOT 8
- DSInternals.Common.dll: Could not load file or assembly
- copied the database back to the original DC HOT 2
- Domain reference for Format-Custom views HOT 2
- Remove-ADDBObject : doesn't remove objects HOT 1
- Get-ADDBAccount - There was a problem reading the Database which probably comes from a different OS HOT 1
- Add-ADDBSidHistory / There was a problem reading the database, which probably comes from a different OS / After Exchange 2019 Schema Update HOT 8
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from dsinternals.