If you have auditing enabled to capture login events,
then you can parse the security log for "Logon Type:
5" which is for service account logon. This method is
only useful for service accounts, not shared accounts.
> Hi All,
>
> Is there a way to discover Active Directory "Shared"
> user account or "Service" users Account for auditing
> purpose?
> I have domain admin privileges and local access to
> my domain controllers.
>
> Best regards
> Tich
>
> -----Original Message-----
> From: listbounce (at) securityfocus (dot) com [email concealed]
> [mailto:listbounce (at) securityfocus (dot) com [email concealed]] On Behalf Of
> igor.mamuzic (at) koncar-inem (dot) hr [email concealed]
> Sent: lunedì 2 aprile 2007 18.43
> To: focus-ms (at) securityfocus (dot) com [email concealed]
> Subject: Discovering Active Direcory users with
> blank passwords
>
> Is there a way to discover Active Directory users
> with blank passwords if I have domain admin
> privileges and local access to my domain
> controllers?
>
> Best Regards,
> Igor
>
> --
> The information transmitted is intended for the
> person or entity to which it is addressed and may
> contain confidential and/or privileged material. Any
> review, retransmission, dissemination or other use
> of, or taking of any action in reliance upon, this
> information by persons or entities other than the
> intended recipient is prohibited. If you received
> this in error, please contact the sender and delete
> the material from any computer.
>
________________________________________________________________________
____________
Now that's room service! Choose from over 150,000 hotels
in 45,000 destinations on Yahoo! Travel to find your fit.
http://farechase.yahoo.com/promo-generic-14795097
then you can parse the security log for "Logon Type:
5" which is for service account logon. This method is
only useful for service accounts, not shared accounts.
HTH,
Chris
--- Biassoni Riccardo <r.biassoni (at) reply (dot) it [email concealed]> wrote:
> Hi All,
>
> Is there a way to discover Active Directory "Shared"
> user account or "Service" users Account for auditing
> purpose?
> I have domain admin privileges and local access to
> my domain controllers.
>
> Best regards
> Tich
>
> -----Original Message-----
> From: listbounce (at) securityfocus (dot) com [email concealed]
> [mailto:listbounce (at) securityfocus (dot) com [email concealed]] On Behalf Of
> igor.mamuzic (at) koncar-inem (dot) hr [email concealed]
> Sent: lunedì 2 aprile 2007 18.43
> To: focus-ms (at) securityfocus (dot) com [email concealed]
> Subject: Discovering Active Direcory users with
> blank passwords
>
> Is there a way to discover Active Directory users
> with blank passwords if I have domain admin
> privileges and local access to my domain
> controllers?
>
> Best Regards,
> Igor
>
> --
> The information transmitted is intended for the
> person or entity to which it is addressed and may
> contain confidential and/or privileged material. Any
> review, retransmission, dissemination or other use
> of, or taking of any action in reliance upon, this
> information by persons or entities other than the
> intended recipient is prohibited. If you received
> this in error, please contact the sender and delete
> the material from any computer.
>
________________________________________________________________________
____________
Now that's room service! Choose from over 150,000 hotels
in 45,000 destinations on Yahoo! Travel to find your fit.
http://farechase.yahoo.com/promo-generic-14795097
[ reply ]