1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Cahed Network Account Details

Discussion in 'Networks' started by Nelix, Apr 28, 2004.

  1. Nelix
    Honorary Member

    Nelix Gigabyte Poster

    1,412
    3
    82
    Hi All

    We have a few remote users that work for us and one of them has a problem.

    Firstly let me tell you how the machine was set up, the users desktop machine was set up very similar to a laptop due to them being remote users, whilst configuring the machine we logged into the domain here at the office so that there account details were cached on the local machine so that she can login to the machine using her domain credentials even though she is not dialing into the network, she replicate her mail via lotus notes a couple of times a day and thats about all she does (network wise) now that the user has been using the machine for a while she has had the password changed in Active Directory as she forgot it, she can still replicate using the new password but cant log onto her machine locally using her domain cred's as she cant remember her password.

    Is there anyway to remove/discover/delete (or dare I say it CRACK) her cached password without her taking the machine to one of our regional offices in order for her to plug it into the domain.

    P.S. she is currently loggin on locally using the local admin account AARRGGGGGGGGGG!!!!!!! :aaah
     
    Certifications: A+, 70-210, 70-290, 70-291
    WIP: 70-294
  2. Nelix
    Honorary Member

    Nelix Gigabyte Poster

    1,412
    3
    82
    I take it no one knows the answer to this one then !!!!!

    I have told the user that they will have to bring the machine in to the regional office to resolve the issue, she was'nt pleased :oops:
     
    Certifications: A+, 70-210, 70-290, 70-291
    WIP: 70-294
  3. flex22

    flex22 Gigabyte Poster

    1,679
    0
    69
    Interesting situation there Nelix.

    Sorry a bit late, but I've only just read this message.

    I think maybe in future they should have separate passwords for local and domain.

    Not much help now I'm afraid, but would stop this from happening again.

    I'll have a think on this.

    edit:
    What is the point in that :?:

    The password has now changed anyway, so how will plugging the machine into the domain help :?:
     
  4. SimonV

    SimonV Petabyte Poster Administrator

    6,616
    151
    228
    It seems to me that was the only solution for her Nelix.

    Flex, the user was working on a cached login, meaning the PC was on the domain to start with, her account was logged by the local machine and cached then unplugged from the domain but she could still logon with the cached login details even though the domain was not present.
     
    Certifications: MOS Master 2003, CompTIA A+, MCSA:M, MCSE
    WIP: Keeping CF Alive...
  5. flex22

    flex22 Gigabyte Poster

    1,679
    0
    69
    Yeah I know that, but ti doesn't answer my question.
     
  6. Phoenix
    Honorary Member

    Phoenix 53656e696f7220 4d6f64

    5,726
    175
    221
    the domain password can be changed at will by the domain admins flex
    when she plugs her machine back into the domain it updates her local chached account to mirror her domain account

    so by plugging her back into the domain it would fix the problem

    have you tried lophtcrack nelix? havnt really used it much in an AD environment, it was king in the NT4 SAM file days

    as for her not being pleased, she shouldnt of forgotten her password should she :)
     
    Certifications: MCSE, MCITP, VCP
    WIP: > 0
  7. flex22

    flex22 Gigabyte Poster

    1,679
    0
    69
    Right, makes sense now.

    I learnt something today :!:
     
  8. Nelix
    Honorary Member

    Nelix Gigabyte Poster

    1,412
    3
    82
    thanks for the replys guys, I have used lophtcrack in the past and it works wonders on NT however Win2000 has something called SYSKEY, and lophtcrack does not seem to work on it. even if it did we cant access the machine remotly and I would'nt fancy telling her to try herself.
     
    Certifications: A+, 70-210, 70-290, 70-291
    WIP: 70-294
  9. Phoenix
    Honorary Member

    Phoenix 53656e696f7220 4d6f64

    5,726
    175
    221
    yeah lophtcrack needs to be set up a bit more complexly in an AD environment than in an NT one, hence why i havnt bothered with it much :)

    and if her machine is that isolated telling her to bring it in was the right idea, good oppertunity to check it out, patch the bugger, and make sure everythings in working order lol

    if you have alot of remote uses like that why dont you use VPNs to connect to the domain?
     
    Certifications: MCSE, MCITP, VCP
    WIP: > 0

Share This Page

Loading...