[unisog] removing LM hashes from a large Active Directory
r.fulton at auckland.ac.nz
Tue Feb 26 22:20:05 GMT 2008
Some time ago we turned off LM authentication on our AD and we would
now like to get rid of the LM hashes from the directory. Resetting
passwords will do this but we really don't want to force everyone to
change their passwords out of the normal schedule (there are tens of
thousands of accounts).
I've found ThrashLM <http://www.toolcrypt.org/index.html?thrashlm>
which claims to be able to do this but have not yet tried it.
Anyone else know of any other approaches?
More information about the unisog