The issue isn't understanding the standards. We've got that part more than covered. We're just trying to find what hash type is used to store the passwords in AD.
-------------------------------------------------------------- Roger D. Seielstad - MTS MCSE MS-MVP Sr. Systems Administrator Inovis Inc. > -----Original Message----- > From: Lou Vega [mailto:[EMAIL PROTECTED] > Sent: Thursday, April 29, 2004 10:49 AM > To: [EMAIL PROTECTED] > Subject: RE: [ActiveDir] Storage of AD passwords??? > > This link (http://csrc.nist.gov/CryptoToolkit/tkhash.html) > will provide > further information regarding the FIBS PUB 180-2 and SHA-256 > standard. The > PDF file at that location may provide you with the information you're > looking for. > > Just FYI - FIPS = Federal Information Processing Standards. > > r/ > Lou > > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of > Roger Seielstad > Sent: Thursday, April 29, 2004 10:31 AM > To: [EMAIL PROTECTED] > Subject: RE: [ActiveDir] Storage of AD passwords??? > > That really doesn't cover the specifics. > > We're wondering what type and strength of encryption is used. > We've got an > RFP from a customer who's security requirements require the > use of some > asinine level of crypto for password storage[1], and we can't > find a single > instance of an OS that uses that leve, so we're thinking > they're not even > meeting their own requirements there... > > Roger > -------------------------------------------------------------- > Roger D. Seielstad - MTS MCSE MS-MVP > Sr. Systems Administrator > Inovis Inc. > > [1] "Password hash must use the SHA-256 standard: compliant > with FIPS PUB > 180-2" > > > > -----Original Message----- > > From: Mulnick, Al [mailto:[EMAIL PROTECTED] > > Sent: Thursday, April 29, 2004 10:16 AM > > To: [EMAIL PROTECTED] > > Subject: RE: [ActiveDir] Storage of AD passwords??? > > > > Here's some background information > > > > http://groups.google.com/groups?hl=en&lr=&ie=UTF-8&oe=UTF-8&th > readm=uNoVmrCr > > AHA.1552%40tkmsftngp04&rnum=6&prev=/groups%3Fq%3Dmicrosoft%252 > > 0active%2520di > > rectory%2520%2522password%2520storage%2522%26hl%3Den%26lr%3D%2 > > 6ie%3DUTF-8%26 > > oe%3DUTF-8%26sa%3DN%26tab%3Dwg > > > > -----Original Message----- > > From: Roger Seielstad [mailto:[EMAIL PROTECTED] > > Sent: Thursday, April 29, 2004 10:03 AM > > To: [EMAIL PROTECTED] > > Subject: RE: [ActiveDir] Storage of AD passwords??? > > > > Funny - had that same question come up the other day from my > > security guy. > > > > Roger > > -------------------------------------------------------------- > > Roger D. Seielstad - MTS MCSE MS-MVP > > Sr. Systems Administrator > > Inovis Inc. > > > > > > > -----Original Message----- > > > From: Douglas M. Long [mailto:[EMAIL PROTECTED] > > > Sent: Thursday, April 29, 2004 9:33 AM > > > To: [EMAIL PROTECTED] > > > Subject: [ActiveDir] Storage of AD passwords??? > > > > > > I have been looking for how Active Directory stores > passwords, and > > > have had no luck. Does anyone know what format the password > > is stored > > > (eg crypt, md5)? Also, what is the password attribute (is it > > > userPassword)? TYIA > > > > > > > > > List info : http://www.activedir.org/mail_list.htm > > > List FAQ : http://www.activedir.org/list_faq.htm > > > List archive: > > > http://www.mail-archive.com/activedir%40mail.activedir.org/ > > > > > List info : http://www.activedir.org/mail_list.htm > > List FAQ : http://www.activedir.org/list_faq.htm > > List archive: > > http://www.mail-archive.com/activedir%40mail.activedir.org/ > > List info : http://www.activedir.org/mail_list.htm > > List FAQ : http://www.activedir.org/list_faq.htm > > List archive: > > http://www.mail-archive.com/activedir%40mail.activedir.org/ > > > List info : http://www.activedir.org/mail_list.htm > List FAQ : http://www.activedir.org/list_faq.htm > List archive: > http://www.mail-archive.com/activedir%40mail.activedir.org/ > > List info : http://www.activedir.org/mail_list.htm > List FAQ : http://www.activedir.org/list_faq.htm > List archive: > http://www.mail-archive.com/activedir%40mail.activedir.org/ > List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
