Closed memphisraynz closed 4 years ago
Hi @memphisraynz , the DSRM password is stored in the local SAM database (registry), not in AD database (ntds.dit). Also, the DSRM Administrator account has nothing to do with the domain's built-in Administrator account. Your approach will therefore not work.
If you are curious enough, you can use mimikatz to look into the SAM database. But don't do that in production.
I am trying to compare the DSRM (Administrator) account password hash against the account I used to sync the password. The password hash doesn't match the originating account. I have used ntdsutil "set dsrm password" "sync from domain account DSRMAccount" q q to set the password and it comes back successful. As well as setting the password directly using the ntdsutil rather than syncing.
I cannot get the passwords hashes to match or to match a weak password by using - Get-ADReplAccount -SamAccountName "administrator" -Domain "domain" -Server "server" | Test-PasswordQuality -WeakPasswords 'password_set' -IncludeDisabledAccounts.
Is this something that should work?
Thanks