OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
RE: UF_PASSWD_NOTREQD user account flag

From: Wozny, Scott (US - New York) (swoznydeloitte.com)
Date: Wed Mar 16 2005 - 11:34:17 CST

It doesn't mean that the account has no password, but that the DC won't
require the password to be non-null. i.e. The user COULD set the
password to <blank> if they wanted to but that doesn't necessarily mean
it's currently set to <blank> which is why you can't log in to that
account with no password. Most people's default user account has this
flag cleared but sometimes it's on for some reason. If this is because
auditors are complaining and your company policy DOES require passwords
then my suggestion is to clear the flag on the users that have it
through user manager (or AD Users and Computers), have them re-run their
report and remind your server administrators to make sure they build
their accounts to spec.

One other thing. SOMETIMES 'User requires a password' will appear set
in AD Users and Computers but still show up on an audit report and
password not required. In that case look at the object in ADSI and you
should be able to fix it there. Nobody's ever been able to explain the
discontinuity to me.

Hope This Helps,

Scott

-----Original Message-----
From: Petr Merta [mailto:pmertalynguent.com]
Sent: Tuesday, March 15, 2005 6:24 PM
To: focus-mssecurityfocus.com
Subject: UF_PASSWD_NOTREQD user account flag

Hi all,

can anybody here explain the real meaning of UF_PASSWD_NOTREQD flag of
Windows
user account? I've found bunch of user accounts in W2K domain with this
flag
set; when I've tried to perform interactive or network logon with them,
it
failed. I've found no descriptive documentation besides of vague
"password
not required" statement. My questions are:
-- what's the actual meaning of this flag?
-- are there some circumstances under which it is possible to logon to
account
with this flag set (without password)?

Thanks for any info and/or reference.

Petr

------------------------------------------------------------------------
---
------------------------------------------------------------------------
---

This message (including any attachments) contains confidential information intended for a specific individual and purpose, and is protected by law. If you are not the intended recipient, you should delete this message. Any disclosure, copying, or distribution of this message, or the taking of any action based on it, is strictly prohibited.

---------------------------------------------------------------------------
---------------------------------------------------------------------------