Managed passwords: Thought you knew them all?

The Managed Passwords component for the Windows XP and 2003 servers can allow access to remote resources on systems that aren't part of your default domain, a useful tool if you administer computers or servers remotely.

The GUI mode for User Accounts (instead of local users and computers MMC snap-in) actually has a wonderful component: Managed Passwords. Select your user account and from "Related Tasks," select '"Manage My Network Passwords."

Here, you can specify alternate credentials for resources. Need to manage that non-domain server or workstation? Simply add and specify the name of the server/workstation (I usually add via the IP address). In the username field, use NT4 domain user references, something like 192.168.1.100username and/or servernameusername or domainnameusername. Of course, add the appropriate password and BAM! Unlike RUNAS, you don't have to have a local account with the same name. This works great if you have to administer several domains or many non-domain workstations/servers.

Also, if you get tired of having to enter a username and password to access a remote resource, add it here. For the longest time, I was unable to run Computer Management against a non-domain system from my domained workstation.

Here's the trick.

You may not be able to access remote resources that are not in your home domain if the remote system requires, say, Kerberos Only authentication, but for the most part, you can get to most anything now.

I haven't found this functionality anywhere other than the XP'd User Accounts GUI from the Control Panel. If you know of other methods of getting to this little gem, please let me know!

Bob Fuller is a systems engineer with Hughes-Calihan in Phoenix, Arizona.

This was first published in August 2005

Dig deeper on Microsoft Active Directory Security

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchServerVirtualization

SearchCloudComputing

SearchExchange

SearchSQLServer

SearchWinIT

SearchEnterpriseDesktop

SearchVirtualDesktop

Close