systemx17

TeamViewer is sweet for home users. Got work to buy the full version for our techs as well - I like it, especially the Quick Support tool, Automatic session recording and the ability to setup hosts for unattended access.

If you have a PC setup that you can leave on, just setup a apache/php server, write a script to send out the WOL magic packet. This does mean having a system running all the time, but gives you heaps more options for remote operations.

Wow, there are a few different techniques that everyone uses by the sounds of it. And for the most part, all would be more effective than the current situation. The only big challange proposted for the most part is that the user's account would need to be logged in as the specific user for at the time for and VNC/Remote Assistance. I will be taking some of the information for other tasks, such as the "I may change your password, if I do it will be ...". It will work for some of my clients. I don't really feel the security is kept free from a 'hands on hardware' situation unless the users lock their phone with a code though. I do see the benefit for easing the interruption to the user. I was having a think about dumping the hashes remotely over the network or from the user's terminal and essentially trying to decrypt their password with Rainbow Tables. This won't obviously work in some situations (due to the limitations of dumping hashes), but I believe I could write a simple remote script to echo back the dump to the server for decryption. This poses a number of questions and possible security risks, but I believe it might work for what I am trying to achieve... Anyone got any thoughts? I probably won't have time to get back on here for a couple of days, so I might just have a read of anything posted, before starting out. Thanks for all the sweet tasty info so far..

There has been some good thoughts so far on some alternative options, so I am enclined to think this might not be possible. Does anyone know for sure that it's not? Anyone got any ideas on the theory behind it rather than the alternatives? I am really looking for an answer to the question "Can Active Directory encrypted passwords be extracted, reset then put back in place? And would the original hash still result in the same password for the user once it has been restored?" Thanks for the input so far..

As I understand, Kon-Boot can only get you local access anyway for domain accounts. This wouldn't be exactly like the standard operation of the user.

Not too sure you understand what I mean. Yes, as administrator I can change anything, but that doesn't mean I can change it back. Here is a scenario to explain it clearer: Working back after hours and I need to test a recently installed application for a user. I know that their application configuration is specific to their installation on their PC. I want to login as the user, but I don't know their password. They are one of my lawyer clients and don't tollerate changes that delay their working day. I can change their password, but I would have to let them know the new password before they return to work at 6am. So what I want to be able to do is to store their encrypted password, then change it to whatever I like. Complete the work then restore their original password. So even though I may be able to change things, I can't restore them back to their original state without running a full server restore from when their password hadn't changed - which is not an option.

As above: "For use of administrators instead of having to deal with end l'users having a sad about their password being reset after hours?" I don't need the password, I don't want the password - I just want to put it back in place when I am finished in their account.

Is this possible: 1) 'Backup' encrypted Active Directory (win2k3/win2k7 domain) user password string 2) Change the password and perform administrative tasks 3) Restore the encrypted AD user password string For use of administrators instead of having to deal with end l'users having a sad about their password being reset after hours?

Hmm, yeah I didn't quite think that through, I can just (cause I'm on Vista): dir *.* /S > .\drivemap.txt then import via php onto my mysql cluster for fast searching. Thanks heaps for the push in the right direction. I did check that swish-e link, but I am just doing it for non-web files. Cheers, SystemX17

You talking about Maltego? www.paterva.com/maltego/

Any suggestions.. I want some software that will allow me to store an index of files, paths and attributes from various hard drives that I no longer access regularly. I originally was going to head down the FreeNAS path, but I don't need to have the drives chewing power that often. - SystemX17