views:

52

answers:

1

Hi,

I'm an admin on an active domain and most of my users use the same password, I find all those users so that I could ask them to change their password.

I was thinking that iron python would be good tool to get this done.

How would I get this accomplished?

Any help would be really appreciated.

Thanks.

+2  A: 

This is simply not possible directly: AD passwords are stored as hashes (not cleartext) and that hash is not readable.

If you know what that shared password is, you could use the answers from this SO post and check against every user account, but I wouldn't. For one, it'll count against their bad password limit, and two, it seems kind of dirty.

If employees are sharing passwords, I would make it clear (preferably coming from HR, as no one listens to IT anyway) that the employee is resposible for anything done under their user account.

Jeff Hardy