Data.Get.SAM.PasswordHashes
Top  Previous  Next


Extracts password hashes from an NT4, 2000 or 2003 server

Notice: This command cannot retreive hashes without full Administrative rights, nor can it retreive clear text passwords. This command can thus not be used to retrieve a forgotten administrator password.

First use Data.Get.SAM (NT4) or Data.Get.AD (2000 or 2003) to obtain a list of SamAccountNames in the [Data] section. Then use Data.Get.SAM.PasswordHashes to extract hashes for all accounts listed in the [Data] section.

Use Account.Edit.PasswordHashes to write the hashes to another server.

Requirements
·128-bit encryption must be installed locally on the computer running AdmWin  
·128-bit encryption must be installed on the server on which to extract hashes from  
·Remote admin service  
·General security requirements  

Category
Data section

Script section
[Init]

Data.Get.SAM.PasswordHashes \\Machine, SamAccountNameColumn, lmPasswordColumn, ntPasswordColumn

\\Machine
NetBIOS name of server to get hashes from  

SamAccountNameColumn
Column to read SamAccountNames from  

lmPasswordColumn
Column to write Lanman password hashes (used by non-NT clients - Windows 95, 98, ME) to  
Hash format: 32 character hex string or "INACTIVE" (without quotes) if hash disabled  

ntPasswordColumn
Column to write ntPassword hashes (used by NT clients - NT, 2000, XP, 2003) to  
Hash format: 32 character hex string or "INACTIVE" (without quotes) if hash disabled  

Full examples
·Transfer accounts from Windows to Samba  
·Transfer accounts from Windows to Windows