NT Gatekeeper: Discovering Whether Syskey Is Enabled

Find out whether Syskey is enabled.

Jan De Clercq

April 16, 2002

1 Min Read
ITPro Today logo in a gray background | ITPro Today

Last month, one of our key Windows NT administrators suddenly left the company. Much of the configuration fine-tuning he'd performed on our NT servers was left undocumented. On some systems, he'd enabled Syskey encryption of the password hashes in the NT account database. How can I identify those systems?

The easiest way to find out whether an NT machine has Syskey enabled is to type

syskey

at the command prompt. This command brings up the Securing the Windows NT Account Database dialog box that Figure 1 shows, which indicates whether Syskey encryption is enabled.

Alternatively, you can check for the registry value HKEY_LOCAL_MACHINESYSTEMCurrentControl-SetControlLsaSecureboot. If the Secureboot value (of type REG_DWORD) exists and is set to a value of 0x1, 0x2, or 0x3, Syskey is enabled on the system.

Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.

You May Also Like