A client of mine had a problem with their ISA Server recently - the HD failed.
Fortunately, it happened on a Sunday and there was a recent backup of the firewall config.
However, the config backup was password protected and no-one could remember the password!
The config backup though is a simple .xml file so one of the guys onsite (Przemek Kwiatkowski - Shrek, for short!) decided to open the file with a text editor and have a look at it. He created another config backup without any password protection, opened it with the text editor and compared the two.
On comparing them he noted that the file with the password protection had the following entry:
<fpc4 :OptionalData dt:dt="int">4</fpc4>While the file without the password looked like:
<fpc4 :OptionalData dt:dt="int">7</fpc4>Note the 7 in the file with no password compared to the 4 in the password protected file. Przemek changed the 4 to a 7 in the password protected file.
The password itself is encrypted and looked something like:
<fpc4 :EncryptionPassword dt:dt="bin.hex">c1fd1b2977cb42b2a3aed6933508268c235d535f</fpc4>When the password line was deleted and the 4 changed to a 7, the file was no longer password protected and the settings were available to import into the server once more!
OT: heh heh heh I just tagged you for a meme. C’mon, it’s Christmas, do it for a laugh. See here for details on the Five Weird Habits meme…
If that doesnt work (Example: ISA sp2)
you can do a backup put in a password.
Now replace the “
You replaced.
The file without password looks like:
4and with password:
7but i see sometimes int 5 too…
Great info in case something ever goes wrong with my 500 year old PC. Thanks for sharing. Right now I just backup to my FTP server though.