Kevin Gay wrote:
Turn on password length of 6 and see who complains :P, that is if there is some ethical problem with cracking the sam file, but I do have to question why its not set to begin with.
The problem with this method is that the password length check does not happen unless they change their passwords. So unless you are suggesting to set password length to at least 6 characters and set all the accounts to change password at next logon (impractical) This will not work.
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Monday, April 02, 2007 11:43 AM To: [email protected] Subject: Discovering Active Direcory users with blank passwords Is there a way to discover Active Directory users with blank passwords if I have domain admin privileges and local access to my domain controllers?
-- Raoul Armfield rarmfield at amnh dot org
