Forums
Main Category
General (Technical,...
User/Registry quest...
 
Notifications
Clear all

User/Registry question

 
General (Technical, Procedural, Software, Hardware etc.)
Last Post by keydet89 19 years ago
1 Posts
1 Users
0 Reactions
433 Views
RSS
keydet89
 keydet89
(@keydet89)
Famed Member
Joined: 21 years ago
Posts: 3568
Topic starter 22/01/2007 9:58 pm  

All,

I've written a Perl script for parsing raw SAM files
from the Windows Registry, and presenting the
information found there in a readable, understandable
format. The script parses user and group membership
info (snippet of output shown at the end of this
email).

There is a user flag that tells the OS whether the
password is set to expire or not (in the below
snippet, the flag shows "–> Password does not
expire"). I received a question from a user of the
script…essentially, if the password *is* set to
expire, how do you determine if the password expires
in 12, 37, etc., days?

My assumption is that if the password is set to
expire, and the "net accounts" policy has a maximum
password age of 90 days, you can figure the number of
days left by looking at the password reset date from
the user's info.

If this is the case, does anyone have accurated,
detailed info on where within the
SAM\Domains\Account\F data the setting for the max
password age can be found?

Thanks,

Harlan

——————————————————
User info

HelpAssistant (Remote Desktop Help Assistant Account)
Account for Providing Remote Assistance
Key LastWrite Time = Wed Aug 18 003719 2004 (UTC)
Last Login = Thu Jan 1 000000 1970 (UTC)
Login Count = 0
Pwd Reset Date = Wed Aug 18 003719 2004 (UTC)
Pwd Failure Date = Thu Jan 1 000000 1970 (UTC)
Account Flags
–> Password does not expire
–> Account Disabled
–> Normal user account

Administrator
Built-in account for administering the computer/domain
Key LastWrite Time = Tue Aug 17 203147 2004 (UTC)
Last Login = Thu Jan 1 000000 1970 (UTC)
Login Count = 0
Pwd Reset Date = Tue Aug 17 203147 2004 (UTC)
Pwd Failure Date = Thu Jan 1 000000 1970 (UTC)
Account Flags
–> Password does not expire
–> Normal user account

Harlan
Key LastWrite Time = Mon Sep 26 233751 2005 (UTC)
Last Login = Mon Sep 26 233751 2005 (UTC)
Login Count = 35
Pwd Reset Date = Wed Aug 18 004942 2004 (UTC)
Pwd Failure Date = Mon Sep 26 233747 2005 (UTC)
Account Flags
–> Password does not expire
–> Normal user account

—————————————————-
Group info

Administrators
Administrators have complete and unrestricted access
to the computer/domain
Key LastWrite Time = Wed Aug 18 004624 2004 (UTC)
Administrator
Harlan

Power Users
Power Users possess most administrative powers with
some restrictions. Thus, Po
wer Users can run legacy applications in addition to
certified applications
Key LastWrite Time = Tue Aug 17 202713 2004 (UTC)
No Users


   
Quote
Forum Jump:
  Previous Topic
Next Topic  
Share: