How I record users password in DB inside AD

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

Dear Sir,

I need to record users's passwords on DB inside the AD or extract it from
the AD. every time the user resetting his/her password must be recorded in DB
or (even TXT file) to facilitate the addministraton , If this applicable and
how it can be done, what tools or scripting.

Thank You,
RG
 
Why?

My basic response without understand why is , no you don't. This is horrible
security, actually it is almost a complete lack of security. The only person who
should know the password is the person who owns the account. It definitely
shouldn't be recorded somewhere else in clear text.

Admins do not need to have the password of users in order to admin.

joe
 
I am a system administrator and i need the passwords simulate user logon
status for any reported problems. which enable me to diagnose and do
modification and troubleshooting users profiles, archived thier mailboxes,
configuring printers, ....etc. and also i need to develop a registeration
system that record the password and resend it to users. that is why i need to
record passwords.

Thank You,
RG
 
I still don't agree you need it. I managed a Fortune 5 company with some 250,000
userids. I knew the passwords of my normal account and my admin account, period.
Mail admins have backend access to mailboxes, if you use Exchange there are tons
of ways of getting into a user's mailbox without the password.

Passwords shouldn't be resent to users, basically if they forget, they get their
password reset and the new temporary password is sent to them that they have to
change immediately.

If you still want to go this way, consider just setting the passwords for the
users and telling them what their password is, you have the same level of
security. The nice thing is that the users never forget that you have their
password.

From your standpoint, you don't want the passwords because if anything happens
to their account or seems to come from their account, you can always be under
suspicion. For instance say an employee sends an email to your boss saying he is
a moron and should be killed. They can easily say it wasn't them, but instead
you and you couldn't prove otherwise.

joe
 
Back
Top