Announcement

Collapse
No announcement yet.

DumpSec and PswdRequired Field

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • DumpSec and PswdRequired Field

    Hi - I just ran DumpSec on a client and found that well over 50% of the user accounts had a PswdRequired field setting of NO. Thinking this was a greivious error I searched this BB for references. I found a few but they were not completely clear. They seem to indicate that this may be an anomoly of the tool but then again all of the posts were talking about ExporterPro and not DumpSec. Can someone please post a clarification on the validity and importance of this field in DumpSec?

    Much Thanks

  • #2
    Re: DumpSec and PswdRequired Field

    It's not a field in DumpSec or any other tool but rather the values of the useraccountcontrol attribute in AD. If you are look at NT or local accounts, its the values of the user account flags structure. Here is the Microsoft documentation:
    http://support.microsoft.com/kb/305144 http://msdn2.microsoft.com/en-us/library/aa772300.aspx

    The problem is Microsoft has never really clarified what the 'password not required' setting means, as your policy overrides it. They don't provide a way to set/unset this flag either, and I think it used to be the default for new accounts.

    Our tools never set this value, so if you were to create an account with Hyena and see that it has this flag set, it was set by Microsoft/AD when the user is created.

    To make sure your policies are overriding this setting, find a user with this flag set, and try giving them a blank / NULL password.
    Kevin Stanush
    SystemTools Software Inc.

    Comment

    Working...
    X