RE: [ActiveDir] Windows 2003 R2 Issue
I am trying to read the machine password from exchange server (Windows 2003 R2 Standard + SP1, Exchange 2003 +SP2). I have tried some other tools also (like lsadump) but they all are failing to read it. We are working on Exchange DR solution- so we need to import the machine password from production exchange server and we set the same password on our DR box. The same function is working on windows 2000 and windows 2003 in same domain. But its failing on Windows 2003 R2. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Sunday, August 13, 2006 1:42 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Windows 2003 R2 Issue I have two questions. 1. Where are you reading the password from? 2. Why? -- O'Reilly Active Directory Third Edition - http://www.joeware.net/win/ad3e.htm From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Manjeet Singh Sent: Friday, August 11, 2006 7:52 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Windows 2003 R2 Issue Hi, I have one test setup with Windows 2003 R2 with SP1. Single Domain Topology: AD Server = Windows 2003 R2 + SP1 Exchange Server: - Windows 2003 R2 + Exchange 2003 Ent + SP2 + latest Microsoft security patches. Problem: I am unable to read the machine password of the Exchange Server. It says Error if I try to access the machine password. I need the machine password of exchange server for testing some code. Any idea what could be the reason? I am able to get the password successfully from another exchange server which is running in Windows 2003 OS.
RE: [ActiveDir] Windows 2003 R2 Issue
Now I understand your appliance architecture and how you deal with the encryption issues. This doesn't seem like a smart way to do it, to me. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Manjeet SinghSent: Wednesday, August 16, 2006 4:26 AMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] Windows 2003 R2 Issue I am trying to read the machine password from exchange server (Windows 2003 R2 Standard + SP1, Exchange 2003 +SP2). I have tried some other tools also (like lsadump) but they all are failing to read it. We are working on Exchange DR solution- so we need to import the machine password from production exchange server and we set the same password on our DR box. The same function is working on windows 2000 and windows 2003 in same domain. But its failing on Windows 2003 R2. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joeSent: Sunday, August 13, 2006 1:42 PMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] Windows 2003 R2 Issue I have two questions. 1. Where are you reading the password from? 2. Why? -- O'Reilly Active Directory Third Edition - http://www.joeware.net/win/ad3e.htm From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Manjeet SinghSent: Friday, August 11, 2006 7:52 PMTo: ActiveDir@mail.activedir.orgSubject: [ActiveDir] Windows 2003 R2 Issue Hi, I have one test setup with Windows 2003 R2 with SP1. Single Domain Topology: AD Server = Windows 2003 R2 + SP1 Exchange Server: - Windows 2003 R2 + Exchange 2003 Ent + SP2 + latest Microsoft security patches. Problem: I am unable to read the machine password of the Exchange Server. It says Error if I try to access the machine password. I need the machine password of exchange server for testing some code. Any idea what could be the reason? I am able to get the password successfully from another exchange server which is running in Windows 2003 OS.
Re: [ActiveDir] Windows 2003 R2 Issue
I have to agree with Michael. Why would you want to do that? I mean, the machine password changes frequently and you *could* just re-add/reset the machine password if you needed to. IIRC, this is covered in the Exchange DR whitepaper as well. You may want to have a look. As to why it no longer works but did before? Who knows? Likely a security change because you should not have been able to read it before. That machine has a high level of privileges in AD by default. You wouldn't want people to be able to read the password. al On 8/16/06, Michael B. Smith [EMAIL PROTECTED] wrote: Now I understand your appliance architecture and how you deal with the encryption issues. This doesn't seem like a smart way to do it, to me. From: [EMAIL PROTECTED] [mailto: [EMAIL PROTECTED]] On Behalf Of Manjeet Singh Sent: Wednesday, August 16, 2006 4:26 AM To: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] Windows 2003 R2 Issue I am trying to read the machine password from exchange server (Windows 2003 R2 Standard + SP1, Exchange 2003 +SP2). I have tried some other tools also (like lsadump) but they all are failing to read it. We are working on Exchange DR solution- so we need to import the machine password from production exchange server and we set the same password on our DR box. The same function is working on windows 2000 and windows 2003 in same domain. But its failing on Windows 2003 R2. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of joeSent: Sunday, August 13, 2006 1:42 PMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] Windows 2003 R2 Issue I have two questions. 1. Where are you reading the password from? 2. Why? -- O'Reilly Active Directory Third Edition - http://www.joeware.net/win/ad3e.htm From: [EMAIL PROTECTED] [mailto: [EMAIL PROTECTED]] On Behalf Of Manjeet SinghSent: Friday, August 11, 2006 7:52 PM To: ActiveDir@mail.activedir.orgSubject: [ActiveDir] Windows 2003 R2 Issue Hi, I have one test setup with Windows 2003 R2 with SP1. Single Domain Topology: AD Server = Windows 2003 R2 + SP1 Exchange Server: - Windows 2003 R2 + Exchange 2003 Ent + SP2 + latest Microsoft security patches. Problem: I am unable to read the machine password of the Exchange Server. It says Error if I try to access the machine password. I need the machine password of exchange server for testing some code. Any idea what could be the reason? I am able to get the password successfully from another exchange server which is running in Windows 2003 OS.
RE: [ActiveDir] Windows 2003 R2 Issue
I do not have a solution for your issues. I am just curious. Why do you NEED the password? Why is it important for you to set the same password on your DR box? So, the real exchange server dies, you bring in your DR box and have it impersonate the real one? Is this why? Is this to eliminate the need to have to manually join your box to the domain? Do you also clone the machine SID? Again, just curious. Sincerely, _ (, / | /) /) /) /---| (/_ __ ___// _ // _ ) / |_/(__(_) // (_(_)(/_(_(_/(__(/_(_/ /) (/ Microsoft MVP - Directory Serviceswww.akomolafe.com- we know IT-5.75, -3.23Do you now realize that Today is the Tomorrow you were worried about Yesterday? -anon From: Manjeet SinghSent: Wed 8/16/2006 1:26 AMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] Windows 2003 R2 Issue I am trying to read the machine password from exchange server (Windows 2003 R2 Standard + SP1, Exchange 2003 +SP2). I have tried some other tools also (like lsadump) but they all are failing to read it. We are working on Exchange DR solution- so we need to import the machine password from production exchange server and we set the same password on our DR box. The same function is working on windows 2000 and windows 2003 in same domain. But its failing on Windows 2003 R2. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joeSent: Sunday, August 13, 2006 1:42 PMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] Windows 2003 R2 Issue I have two questions. 1. Where are you reading the password from? 2. Why? -- O'Reilly Active Directory Third Edition - http://www.joeware.net/win/ad3e.htm From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Manjeet SinghSent: Friday, August 11, 2006 7:52 PMTo: ActiveDir@mail.activedir.orgSubject: [ActiveDir] Windows 2003 R2 Issue Hi, I have one test setup with Windows 2003 R2 with SP1. Single Domain Topology: AD Server = Windows 2003 R2 + SP1 Exchange Server: - Windows 2003 R2 + Exchange 2003 Ent + SP2 + latest Microsoft security patches. Problem: I am unable to read the machine password of the Exchange Server. It says Error if I try to access the machine password. I need the machine password of exchange server for testing some code. Any idea what could be the reason? I am able to get the password successfully from another exchange server which is running in Windows 2003 OS.
RE: [ActiveDir] Windows 2003 R2 Issue
We need to sync the machine password for authentication purpose because the DR machine is not a part of production AD domain. We have to sync the password so that Kerberos authentication work properly (Kerberos is not working when the password do not match). So whenever there is a password changes on Production exchange we sync it immediately. We do not sync the machine SID. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Deji Akomolafe Sent: Wednesday, August 16, 2006 8:48 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Windows 2003 R2 Issue I do not have a solution for your issues. I am just curious. Why do you NEED the password? Why is it important for you to set the same password on your DR box? So, the real exchange server dies, you bring in your DR box and have it impersonate the real one? Is this why? Is this to eliminate the need to have to manually join your box to the domain? Do you also clone the machine SID? Again, just curious. Sincerely, _ (, / | /) /) /) /---| (/_ __ ___// _ // _ ) / |_/(__(_) // (_(_)(/_(_(_/(__(/_ (_/ /) (/ Microsoft MVP - Directory Services www.akomolafe.com- we know IT -5.75, -3.23 Do you now realize that Today is the Tomorrow you were worried about Yesterday? -anon From: Manjeet Singh Sent: Wed 8/16/2006 1:26 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Windows 2003 R2 Issue I am trying to read the machine password from exchange server (Windows 2003 R2 Standard + SP1, Exchange 2003 +SP2). I have tried some other tools also (like lsadump) but they all are failing to read it. We are working on Exchange DR solution- so we need to import the machine password from production exchange server and we set the same password on our DR box. The same function is working on windows 2000 and windows 2003 in same domain. But its failing on Windows 2003 R2. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Sunday, August 13, 2006 1:42 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Windows 2003 R2 Issue I have two questions. 1. Where are you reading the password from? 2. Why? -- O'Reilly Active Directory Third Edition - http://www.joeware.net/win/ad3e.htm From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Manjeet Singh Sent: Friday, August 11, 2006 7:52 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Windows 2003 R2 Issue Hi, I have one test setup with Windows 2003 R2 with SP1. Single Domain Topology: AD Server = Windows 2003 R2 + SP1 Exchange Server: - Windows 2003 R2 + Exchange 2003 Ent + SP2 + latest Microsoft security patches. Problem: I am unable to read the machine password of the Exchange Server. It says Error if I try to access the machine password. I need the machine password of exchange server for testing some code. Any idea what could be the reason? I am able to get the password successfully from another exchange server which is running in Windows 2003 OS.
RE: [ActiveDir] Windows 2003 R2 Issue
OP has not produced evidence hes reading what he claims hes reading yet, though. Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Laura A. Robinson Sent: Sunday, August 13, 2006 12:37 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Windows 2003 R2 Issue I don't know; that's why I pointed it out. Obviously, it's readable. The question is, why is it readable on a Win2K3 machine, but not on a Win2K3 R2 machine? In order to figure that out, we need the information that Al asked for. Laura From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brian Desmond Sent: Sunday, August 13, 2006 1:28 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Windows 2003 R2 Issue OK in that case how is the OP reading the secret? Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Laura A. Robinson Sent: Sunday, August 13, 2006 12:16 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Windows 2003 R2 Issue Read the last line of the original post. Laura From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brian Desmond Sent: Sunday, August 13, 2006 12:38 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Windows 2003 R2 Issue Hes trying to read a secret youre not allowed to do that period. Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Al Mulnick Sent: Saturday, August 12, 2006 8:12 AM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] Windows 2003 R2 Issue What rev is that other 2003 OS and what type of code are you using? .Net? Can you post a snippet? ( note: I'm not a programmer, but I sometimes play one on the internet. If it gets too deep, we'll ask somebody like Joe K to help out; he does that stuff for a living). Al On 8/11/06, Manjeet Singh [EMAIL PROTECTED] wrote: Hi, I have one test setup with Windows 2003 R2 with SP1. Single Domain Topology: AD Server = Windows 2003 R2 + SP1 Exchange Server: - Windows 2003 R2 + Exchange 2003 Ent + SP2 + latest Microsoft security patches. Problem: I am unable to read the machine password of the Exchange Server. It says Error if I try to access the machine password. I need the machine password of exchange server for testing some code. Any idea what could be the reason? I am able to get the password successfully from another exchange server which is running in Windows 2003 OS.
RE: [ActiveDir] Windows 2003 R2 Issue
Which is why I say we need the information that Al has asked for. Laura From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brian DesmondSent: Sunday, August 13, 2006 2:18 AMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] Windows 2003 R2 Issue OP has not produced evidence hes reading what he claims hes reading yet, though. Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Laura A. RobinsonSent: Sunday, August 13, 2006 12:37 AMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] Windows 2003 R2 Issue I don't know; that's why I pointed it out. Obviously, it's readable. The question is, why is it readable on a Win2K3 machine, but not on a Win2K3 R2 machine? In order to figure that out, we need the information that Al asked for. Laura From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brian DesmondSent: Sunday, August 13, 2006 1:28 AMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] Windows 2003 R2 Issue OK in that case how is the OP reading the secret? Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Laura A. RobinsonSent: Sunday, August 13, 2006 12:16 AMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] Windows 2003 R2 Issue Read the last line of the original post. Laura From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brian DesmondSent: Sunday, August 13, 2006 12:38 AMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] Windows 2003 R2 Issue Hes trying to read a secret youre not allowed to do that period. Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Al MulnickSent: Saturday, August 12, 2006 8:12 AMTo: ActiveDir@mail.activedir.orgSubject: Re: [ActiveDir] Windows 2003 R2 Issue What rev is that other 2003 OS and what type of code are you using? .Net? Can you post a snippet? ( note: I'm not a programmer, but I sometimes play one on the internet. If it gets too deep, we'll ask somebody like Joe K to help out; he does that stuff for a living). Al On 8/11/06, Manjeet Singh [EMAIL PROTECTED] wrote: Hi, I have one test setup with Windows 2003 R2 with SP1. Single Domain Topology: AD Server = Windows 2003 R2 + SP1 Exchange Server: - Windows 2003 R2 + Exchange 2003 Ent + SP2 + latest Microsoft security patches. Problem: I am unable to read the machine password of the Exchange Server. It says Error if I try to access the machine password. I need the machine password of exchange server for testing some code. Any idea what could be the reason? I am able to get the password successfully from another exchange server which is running in Windows 2003 OS.
RE: [ActiveDir] Windows 2003 R2 Issue
I have two questions. 1. Where are you reading the password from? 2. Why? -- O'Reilly Active Directory Third Edition - http://www.joeware.net/win/ad3e.htm From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Manjeet SinghSent: Friday, August 11, 2006 7:52 PMTo: ActiveDir@mail.activedir.orgSubject: [ActiveDir] Windows 2003 R2 Issue Hi, I have one test setup with Windows 2003 R2 with SP1. Single Domain Topology: AD Server = Windows 2003 R2 + SP1 Exchange Server: - Windows 2003 R2 + Exchange 2003 Ent + SP2 + latest Microsoft security patches. Problem: I am unable to read the machine password of the Exchange Server. It says Error if I try to access the machine password. I need the machine password of exchange server for testing some code. Any idea what could be the reason? I am able to get the password successfully from another exchange server which is running in Windows 2003 OS.
Re: [ActiveDir] Windows 2003 R2 Issue
What rev is that other 2003 OS and what type of code are you using? .Net? Can you post a snippet? ( note: I'm not a programmer, but I sometimes play one on the internet. If it gets too deep, we'll ask somebody like Joe K to help out; he does that stuff for a living). Al On 8/11/06, Manjeet Singh [EMAIL PROTECTED] wrote: Hi, I have one test setup with Windows 2003 R2 with SP1. Single Domain Topology: AD Server = Windows 2003 R2 + SP1 Exchange Server: - Windows 2003 R2 + Exchange 2003 Ent + SP2 + latest Microsoft security patches. Problem: I am unable to read the machine password of the Exchange Server. It says Error if I try to access the machine password. I need the machine password of exchange server for testing some code. Any idea what could be the reason? I am able to get the password successfully from another exchange server which is running in Windows 2003 OS.
RE: [ActiveDir] Windows 2003 R2 Issue
He’s trying to read a secret – you’re not allowed to do that period. Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Al Mulnick Sent: Saturday, August 12, 2006 8:12 AM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] Windows 2003 R2 Issue What rev is that other 2003 OS and what type of code are you using? .Net? Can you post a snippet? ( note: I'm not a programmer, but I sometimes play one on the internet. If it gets too deep, we'll ask somebody like Joe K to help out; he does that stuff for a living). Al On 8/11/06, Manjeet Singh [EMAIL PROTECTED] wrote: Hi, I have one test setup with Windows 2003 R2 with SP1. Single Domain Topology: AD Server = Windows 2003 R2 + SP1 Exchange Server: - Windows 2003 R2 + Exchange 2003 Ent + SP2 + latest Microsoft security patches. Problem: I am unable to read the machine password of the Exchange Server. It says Error if I try to access the machine password. I need the machine password of exchange server for testing some code. Any idea what could be the reason? I am able to get the password successfully from another exchange server which is running in Windows 2003 OS.
RE: [ActiveDir] Windows 2003 R2 Issue
Read the last line of the original post. Laura From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brian DesmondSent: Sunday, August 13, 2006 12:38 AMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] Windows 2003 R2 Issue Hes trying to read a secret youre not allowed to do that period. Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Al MulnickSent: Saturday, August 12, 2006 8:12 AMTo: ActiveDir@mail.activedir.orgSubject: Re: [ActiveDir] Windows 2003 R2 Issue What rev is that other 2003 OS and what type of code are you using? .Net? Can you post a snippet? ( note: I'm not a programmer, but I sometimes play one on the internet. If it gets too deep, we'll ask somebody like Joe K to help out; he does that stuff for a living). Al On 8/11/06, Manjeet Singh [EMAIL PROTECTED] wrote: Hi, I have one test setup with Windows 2003 R2 with SP1. Single Domain Topology: AD Server = Windows 2003 R2 + SP1 Exchange Server: - Windows 2003 R2 + Exchange 2003 Ent + SP2 + latest Microsoft security patches. Problem: I am unable to read the machine password of the Exchange Server. It says Error if I try to access the machine password. I need the machine password of exchange server for testing some code. Any idea what could be the reason? I am able to get the password successfully from another exchange server which is running in Windows 2003 OS.
Re: [ActiveDir] Windows 2003 R2 Issue
But aren't we assuming that the permissions on that other exchange server where it does work are default? Laura A. Robinson wrote: Read the last line of the original post. Laura *From:* [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] *On Behalf Of *Brian Desmond *Sent:* Sunday, August 13, 2006 12:38 AM *To:* ActiveDir@mail.activedir.org *Subject:* RE: [ActiveDir] Windows 2003 R2 Issue *He’s trying to read a secret – you’re not allowed to do that period. * * * *Thanks,* *Brian Desmond* [EMAIL PROTECTED] * * *c - 312.731.3132* * * *From:* [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] *On Behalf Of *Al Mulnick *Sent:* Saturday, August 12, 2006 8:12 AM *To:* ActiveDir@mail.activedir.org *Subject:* Re: [ActiveDir] Windows 2003 R2 Issue What rev is that other 2003 OS and what type of code are you using? .Net? Can you post a snippet? ( note: I'm not a programmer, but I sometimes play one on the internet. If it gets too deep, we'll ask somebody like Joe K to help out; he does that stuff for a living). Al On 8/11/06, *Manjeet Singh* [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: Hi, I have one test setup with Windows 2003 R2 with SP1. Single Domain Topology: AD Server = Windows 2003 R2 + SP1 Exchange Server: - Windows 2003 R2 + Exchange 2003 Ent + SP2 + latest Microsoft security patches. Problem: I am unable to read the machine password of the Exchange Server. It says Error if I try to access the machine password. I need the machine password of exchange server for testing some code. Any idea what could be the reason? I am able to get the password successfully from another exchange server which is running in Windows 2003 OS. List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
RE: [ActiveDir] Windows 2003 R2 Issue
OK in that case how is the OP reading the secret? Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Laura A. Robinson Sent: Sunday, August 13, 2006 12:16 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Windows 2003 R2 Issue Read the last line of the original post. Laura From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brian Desmond Sent: Sunday, August 13, 2006 12:38 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Windows 2003 R2 Issue Hes trying to read a secret youre not allowed to do that period. Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Al Mulnick Sent: Saturday, August 12, 2006 8:12 AM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] Windows 2003 R2 Issue What rev is that other 2003 OS and what type of code are you using? .Net? Can you post a snippet? ( note: I'm not a programmer, but I sometimes play one on the internet. If it gets too deep, we'll ask somebody like Joe K to help out; he does that stuff for a living). Al On 8/11/06, Manjeet Singh [EMAIL PROTECTED] wrote: Hi, I have one test setup with Windows 2003 R2 with SP1. Single Domain Topology: AD Server = Windows 2003 R2 + SP1 Exchange Server: - Windows 2003 R2 + Exchange 2003 Ent + SP2 + latest Microsoft security patches. Problem: I am unable to read the machine password of the Exchange Server. It says Error if I try to access the machine password. I need the machine password of exchange server for testing some code. Any idea what could be the reason? I am able to get the password successfully from another exchange server which is running in Windows 2003 OS.
RE: [ActiveDir] Windows 2003 R2 Issue
Irrelevant to my point, which is that you're not allowed to do that period apparently isn't true. :-) Laura -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] Sent: Sunday, August 13, 2006 1:23 AM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] Windows 2003 R2 Issue But aren't we assuming that the permissions on that other exchange server where it does work are default? Laura A. Robinson wrote: Read the last line of the original post. Laura -- -- *From:* [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] *On Behalf Of *Brian Desmond *Sent:* Sunday, August 13, 2006 12:38 AM *To:* ActiveDir@mail.activedir.org *Subject:* RE: [ActiveDir] Windows 2003 R2 Issue *He's trying to read a secret - you're not allowed to do that period. * * * *Thanks,* *Brian Desmond* [EMAIL PROTECTED] * * *c - 312.731.3132* * * *From:* [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] *On Behalf Of *Al Mulnick *Sent:* Saturday, August 12, 2006 8:12 AM *To:* ActiveDir@mail.activedir.org *Subject:* Re: [ActiveDir] Windows 2003 R2 Issue What rev is that other 2003 OS and what type of code are you using? .Net? Can you post a snippet? ( note: I'm not a programmer, but I sometimes play one on the internet. If it gets too deep, we'll ask somebody like Joe K to help out; he does that stuff for a living). Al On 8/11/06, *Manjeet Singh* [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: Hi, I have one test setup with Windows 2003 R2 with SP1. Single Domain Topology: AD Server = Windows 2003 R2 + SP1 Exchange Server: - Windows 2003 R2 + Exchange 2003 Ent + SP2 + latest Microsoft security patches. Problem: I am unable to read the machine password of the Exchange Server. It says Error if I try to access the machine password. I need the machine password of exchange server for testing some code. Any idea what could be the reason? I am able to get the password successfully from another exchange server which is running in Windows 2003 OS. List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
RE: [ActiveDir] Windows 2003 R2 Issue
In line with Brians question how is the OP reading the secret, and what are the differences between the two servers (and DCs if there are different DCs involved)? If you hook the functions that generate the passwords and convey them to the DC, it would be possible to get this value (in a similar way that you could get a users password via a custom passfilt.dll). However without knowing what the OP is doing, and what the differences are between the two environments, its impossible to state with any certainty what the problem is in the second environment. Cheers Ken From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brian Desmond Sent: Sunday, 13 August 2006 3:28 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Windows 2003 R2 Issue OK in that case how is the OP reading the secret? Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Laura A. Robinson Sent: Sunday, August 13, 2006 12:16 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Windows 2003 R2 Issue Read the last line of the original post. Laura From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brian Desmond Sent: Sunday, August 13, 2006 12:38 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Windows 2003 R2 Issue Hes trying to read a secret youre not allowed to do that period. Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Al Mulnick Sent: Saturday, August 12, 2006 8:12 AM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] Windows 2003 R2 Issue What rev is that other 2003 OS and what type of code are you using? .Net? Can you post a snippet? ( note: I'm not a programmer, but I sometimes play one on the internet. If it gets too deep, we'll ask somebody like Joe K to help out; he does that stuff for a living). Al On 8/11/06, Manjeet Singh [EMAIL PROTECTED] wrote: Hi, I have one test setup with Windows 2003 R2 with SP1. Single Domain Topology: AD Server = Windows 2003 R2 + SP1 Exchange Server: - Windows 2003 R2 + Exchange 2003 Ent + SP2 + latest Microsoft security patches. Problem: I am unable to read the machine password of the Exchange Server. It says Error if I try to access the machine password. I need the machine password of exchange server for testing some code. Any idea what could be the reason? I am able to get the password successfully from another exchange server which is running in Windows 2003 OS.
RE: [ActiveDir] Windows 2003 R2 Issue
I don't know; that's why I pointed it out. Obviously, it's readable. The question is, why is it readable on a Win2K3 machine, but not on a Win2K3 R2 machine? In order to figure that out, we need the information that Al asked for. Laura From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brian DesmondSent: Sunday, August 13, 2006 1:28 AMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] Windows 2003 R2 Issue OK in that case how is the OP reading the secret? Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Laura A. RobinsonSent: Sunday, August 13, 2006 12:16 AMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] Windows 2003 R2 Issue Read the last line of the original post. Laura From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brian DesmondSent: Sunday, August 13, 2006 12:38 AMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] Windows 2003 R2 Issue Hes trying to read a secret youre not allowed to do that period. Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Al MulnickSent: Saturday, August 12, 2006 8:12 AMTo: ActiveDir@mail.activedir.orgSubject: Re: [ActiveDir] Windows 2003 R2 Issue What rev is that other 2003 OS and what type of code are you using? .Net? Can you post a snippet? ( note: I'm not a programmer, but I sometimes play one on the internet. If it gets too deep, we'll ask somebody like Joe K to help out; he does that stuff for a living). Al On 8/11/06, Manjeet Singh [EMAIL PROTECTED] wrote: Hi, I have one test setup with Windows 2003 R2 with SP1. Single Domain Topology: AD Server = Windows 2003 R2 + SP1 Exchange Server: - Windows 2003 R2 + Exchange 2003 Ent + SP2 + latest Microsoft security patches. Problem: I am unable to read the machine password of the Exchange Server. It says Error if I try to access the machine password. I need the machine password of exchange server for testing some code. Any idea what could be the reason? I am able to get the password successfully from another exchange server which is running in Windows 2003 OS.