I need to know the password of an User ID in Active directory without resetting it. Is this possible? If so how?
Resetting password is not an option because almost 900 servers have the current password saved in their application. Changing password will fail that application in all those servers.
Unfortunately, as strongline says, that would be no. Passwords are stored with non-reversible encryption. I understand that you feel like you have a use case for this feature, but it would be a bad thing for security.
There's more information in this old Server Fault question, but... no. I wouldn't recommend attempting it. I also wouldn't recommend attempting to brute-force the password (basically what strongline is recommending). Depending on how you do it, you might end up offending your IDS. If you do it without written permission from your boss it could go badly for you.
I'd recommend instead trying to script a way to change the password on 900 servers. Obviously, I don't know anything about the application in question or where it stores the password, but it's more likely to succeed than trying to get the old password.
Surely you could just check the password used by the 900 applications in order to determine what it is? Have you checked if they’re stored in plain text? E.g web.config sql connection string?
Also, could you not setup a new user and password and deploy it to the 900 applications? I know if I had 900 applications running with hard coded user details I would have a deployment system setup..
Unfortunately no. As a desperate measure, you can trial and error, hoping you can find it back... use "runas /user:domain\id cmd.exe" command referencing this account, a correct pwd will let you open a new command prompt.
