Security Basics mailing list archives
Auditing Active Directory Passwords
From: k7.fantr () gmail com
Date: 6 Feb 2008 22:22:32 -0000
I am looking for advice for auditing the password strength of passwords in Active Directory. I have used l0phtcrack and other such tools in the past against local accounts (SAM and System files) but I do not know what to use for Active Directory. I do not want to brute force and lock out everyone's accounts, so I would prefer an off-line audit. I have domain admin credentials. I am trying to build a case to turn on complexity requirements by showing the fact that people do not voluntarily follow the password policy (big shock to us, but not to the executive management). Any tools that would work in this capacity would be greatly appreciated, especially open source or low cost ones.
Current thread:
- Auditing Active Directory Passwords k7 . fantr (Feb 06)
- RE: Auditing Active Directory Passwords Jesse Rink (Feb 06)
- RE: Auditing Active Directory Passwords Uzair Hashmi (Feb 07)
- Re: Auditing Active Directory Passwords Nikhil Wagholikar (Feb 07)
- Disabling split tunnelling on an ssl vpn Secure This (Feb 07)
- Re: Disabling split tunnelling on an ssl vpn Ronald van der Westen (Feb 08)
- Re: Disabling split tunnelling on an ssl vpn Secure This (Feb 08)
- Re: Disabling split tunnelling on an ssl vpn Ronald van der Westen (Feb 08)
- Scanning ssl vpn traffic Secure This (Feb 07)
- RE: Scanning ssl vpn traffic Cassiem, Nazier A (Feb 08)
- <Possible follow-ups>
- Re: RE: Auditing Active Directory Passwords wyse101 (Feb 07)
- Re: Auditing Active Directory Passwords maash . rajani (Feb 07)
(Thread continues...)
- RE: Auditing Active Directory Passwords Jesse Rink (Feb 06)