Share via

Decode network access account password

Boopathi S 3,806 Reputation points
2023-04-20T17:08:21.24+00:00

Hello, We changed Network access account password in MECM primary sites. Then Network access account lockout for the happens from 10% of workstations. Is there a way to decrypt the “CCM_NetworkAccessAccount” password Get-WmiObject -namespace “root\ccm\policy\Machine\ActualConfig” -class “CCM_NetworkAccessAccount”

Windows for business Windows Client for IT Pros Directory services Active Directory
Microsoft Security Intune Configuration Manager Other

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. CherryZhang-MSFT 6,496 Reputation points
    2023-04-21T08:24:37.1+00:00

    Hi @Boopathi Subramaniam

    To narrow down the problem, we may need more information.

    1, As Rahul Jindal [MVP] said, lockout in what way? Could you please upload the related screenshot or other information?

    2, Where did you change Network access account password from? SCCM console or domain? If you just changed it from domain, we may try to re-add it from Software Distribution Component Properties window. And test connection to check if it is connected successfully.

    The screenshot for your reference:

    1

    2

    Please let me know if I am misunderstanding something!

    Looking forward to your feedback.

    Best regards

    Cherry

  2. Limitless Technology 44,751 Reputation points
    2023-04-21T12:24:39.8566667+00:00

    Hi, I'd be happy to help you out with your question. Sorry for the inconvenience caused. It is not possible to decrypt the CCM_NetworkAccessAccount password as it is encrypted using the system's DPAPI master key and stored as blobs in the CCM_NetworkAccessAccount class of the Configuration Manager (SCCM). The DPAPI master key is unique to each system and is used to encrypt and decrypt sensitive data on that system. The Get-WmiObject command mentioned in the question retrieves the CCM_NetworkAccessAccount object, but it does not decrypt the password. The CCM_NetworkAccessAccount object contains the encrypted password and other information about the network access account Apart from this I advise against attempting to decrypt passwords as it is not only unethical but also a security risk. Passwords are typically encrypted for security purposes, and it is not recommended to attempt to decrypt them. In your case, if you have forgotten or lost the password for the Network access account in MECM primary sites, the best approach would be to reset the password to a new, secure one. To do this, you may want to contact your IT department or system administrator for assistance with resetting the password. It's important to understand that locking out accounts after multiple failed login attempts is a standard security measure. This helps to prevent unauthorized access to your system and protect your data. If you're experiencing account lockouts, you may want to check if there are any suspicious login attempts or investigate any potential security breaches. For more Information, please refer to following resource :- "Client push: Failed to decrypt password of user account" - https://social.technet.microsoft.com/Forums/en-US/6ac05123-688c-4176-9171-7512de4dfc57/client-push-failed-to-decrypt-password-of-user-account?forum=configmanagergeneral If you have any other questions or need assistance with anything, please don't hesitate to let me know. I'm here to help.

    If the reply was helpful, please don’t forget to upvote or accept as answer, thank you.

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.