There is a new tool available for auditing Active Directory passwords, the Get-bADPasswords cmdlet. It has been created by Jakob Heidelberg and it is built upon the features of the DSInternals module.
Here is the list of cmdlets currently contained in the DSInternals PowerShell module: Online operations with the Active Directory database Get-ADReplAccount – Reads one or more accounts through the DRSR protocol, including secret attributes. Set-SamAccountPasswordHash – Sets NT and LM hashes of an account through the SAMR protocol. Get-ADReplBackupKey – Reads the DPAPI backup keys through the DRSR protocol. Offline operations with the Active Directory database Get-ADDBAccount – • Read More »
I have released a new version of the DSInternals PowerShell module. This is mainly a bugfix release. You can grab it from the Downloads section. Or, if you have PowerShell 5, you can install the module from the PowerShell Gallery by running this command:
Install-Module -Name DSInternals
I have finally finished work on the Get-ADReplAccount cmdlet, the newest addition to my DSInternals PowerShell Module, that can retrieve reversibly encrypted plaintext passwords, password hashes and Kerberos keys of all user accounts from remote domain controllers. This is achieved by simulating the behavior of the dcromo tool and creating a replica of Active Directory database through the MS-DRSR protocol. Furthermore, it has these properties: It does not even need the Domain Admins group membership. • Read More »