Description
Retrieves the plaintext password or NTLM hash for a Group Managed Service Account.
Overview
Retrieves the plaintext password blob or NTLM hash for a Group Managed Service Account (gMSA). Requires read access to the msDS-ManagedPassword attribute of the target gMSA. The retrieved credentials can be used for further authentication.
Arguments
| Parameter | Type | Description |
|---|---|---|
| Target | string | The gMSA account name to target. |
| Domain | string | The target domain. |
| DC | string | The domain controller to target. |
| CredUser | string | Alternate credentials username. |
| CredPassword | string | Alternate credentials password. |
Additional Parameters
- Ldaps: Use LDAPS instead of LDAP.
Dependencies
- AD
Operating Systems
- Windows